kdev_common_ioctl+0x9c3/0x1040 [ 102.688188][ T9406] ? selinux_file_ioctl+0x8e0/0x970 [ 102.693438][ T9406] ? lo_release+0x120/0x120 [ 102.697946][ T9406] blkdev_ioctl+0x1d0/0x3c0 [ 102.702456][ T9406] block_ioctl+0x6d/0x80 [ 102.706748][ T9406] ? blkdev_iopoll+0x70/0x70 [ 102.711374][ T9406] __se_sys_ioctl+0xcb/0x140 [ 102.715971][ T9406] __x64_sys_ioctl+0x3f/0x50 [ 102.720571][ T9406] do_syscall_64+0x3d/0x90 [ 102.725055][ T9406] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 102.730965][ T9406] RIP: 0033:0x4663a7 [ 102.734878][ T9406] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.754485][ T9406] RSP: 002b:00007f67705dbf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 102.762898][ T9406] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 102.770950][ T9406] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 102.778918][ T9406] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff 00:39:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000040000000000000039cad6ac86d5d991a1cfa1c36bc608cd6e5c749da19711cb2a7dfd5b7ba8ca1a702d7936bdc3eba9473e28ff19268adcd6f7c0dc29ee439a9950a3a62f3fe763d62db55d120680a1c3b8182f2548e76ff9fd672c8560d21939e98362be803c0f08c0a7b0354487be9fb25b046278483c09f4d240f7bc5e16269b99098556305188f77ba87d47240a1cb8f501634c19da183859756334a8981961af0dd9dfd862d9509b8d40153687c1a6707fb8f9389abbf4dc49de273976421a91956a180a66e89f5b4af19af680d443cd49c3d963725d8d1654bb0452398a5673f0a9b729c96f7cdb140572866d747d14945df9ef22a572a1ab313d3772291387139d61b0521c6d16a20b15612e3674e2e50be6a29e5e21cf5880c4f451a0cbc42d0ea9d846615fdc430b4b73cef5d064884e0f9e9eda218b7bbce6bf1617c9715a39c3df0d2797988ef6fec9919efacfb1c0c940"]) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x84000, 0x0) openat$cgroup_ro(r6, &(0x7f0000000200)='pids.current\x00', 0x0, 0x0) 00:39:35 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x88080, 0x0) fcntl$setlease(r0, 0x400, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x200, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) creat(&(0x7f00000002c0)='./file0\x00', 0x102) sendmsg$NL80211_CMD_ASSOCIATE(r2, &(0x7f0000000bc0)={&(0x7f0000000ac0), 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB='3\f\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x28}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x2) r4 = fork() sendmsg$netlink(r3, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) fallocate(r3, 0x40, 0x4, 0x3) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') 00:39:35 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 102.786891][ T9406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 102.794862][ T9406] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 102.866673][ T9411] loop1: detected capacity change from 0 to 264192 [ 102.877574][ T9415] sg_write: data in/out 1935898123/726 bytes for SCSI command 0x0-- guessing data in; [ 102.877574][ T9415] program syz-executor.4 not setting count and/or reply_len properly [ 102.881274][ T9414] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 102.914827][ T9411] FAT-fs (loop1): bogus number of reserved sectors [ 102.921359][ T9411] FAT-fs (loop1): Can't find a valid FAT filesystem [ 102.938453][ T9406] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: none. 00:39:35 executing program 2 (fault-call:0 fault-nth:38): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000040000000000000039cad6ac86d5d991a1cfa1c36bc608cd6e5c749da19711cb2a7dfd5b7ba8ca1a702d7936bdc3eba9473e28ff19268adcd6f7c0dc29ee439a9950a3a62f3fe763d62db55d120680a1c3b8182f2548e76ff9fd672c8560d21939e98362be803c0f08c0a7b0354487be9fb25b046278483c09f4d240f7bc5e16269b99098556305188f77ba87d47240a1cb8f501634c19da183859756334a8981961af0dd9dfd862d9509b8d40153687c1a6707fb8f9389abbf4dc49de273976421a91956a180a66e89f5b4af19af680d443cd49c3d963725d8d1654bb0452398a5673f0a9b729c96f7cdb140572866d747d14945df9ef22a572a1ab313d3772291387139d61b0521c6d16a20b15612e3674e2e50be6a29e5e21cf5880c4f451a0cbc42d0ea9d846615fdc430b4b73cef5d064884e0f9e9eda218b7bbce6bf1617c9715a39c3df0d2797988ef6fec9919efacfb1c0c940"]) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x84000, 0x0) [ 102.959337][ T9414] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 103.009864][ T9414] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 103.032470][ T9432] sg_write: data in/out 1935898123/726 bytes for SCSI command 0x0-- guessing data in; [ 103.032470][ T9432] program syz-executor.4 not setting count and/or reply_len properly [ 103.051344][ T9435] loop2: detected capacity change from 0 to 512 [ 103.062301][ T9414] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 103.074111][ T9435] FAULT_INJECTION: forcing a failure. [ 103.074111][ T9435] name failslab, interval 1, probability 0, space 0, times 0 [ 103.086827][ T9435] CPU: 1 PID: 9435 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 103.095527][ T9435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.105575][ T9435] Call Trace: 00:39:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000040000000000000039cad6ac86d5d991a1cfa1c36bc608cd6e5c749da19711cb2a7dfd5b7ba8ca1a702d7936bdc3eba9473e28ff19268adcd6f7c0dc29ee439a9950a3a62f3fe763d62db55d120680a1c3b8182f2548e76ff9fd672c8560d21939e98362be803c0f08c0a7b0354487be9fb25b046278483c09f4d240f7bc5e16269b99098556305188f77ba87d47240a1cb8f501634c19da183859756334a8981961af0dd9dfd862d9509b8d40153687c1a6707fb8f9389abbf4dc49de273976421a91956a180a66e89f5b4af19af680d443cd49c3d963725d8d1654bb0452398a5673f0a9b729c96f7cdb140572866d747d14945df9ef22a572a1ab313d3772291387139d61b0521c6d16a20b15612e3674e2e50be6a29e5e21cf5880c4f451a0cbc42d0ea9d846615fdc430b4b73cef5d064884e0f9e9eda218b7bbce6bf1617c9715a39c3df0d2797988ef6fec9919efacfb1c0c940"]) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 103.108862][ T9435] dump_stack_lvl+0xb7/0x103 [ 103.113541][ T9435] dump_stack+0x11/0x1a [ 103.117751][ T9435] should_fail+0x23c/0x250 [ 103.122226][ T9435] __should_failslab+0x81/0x90 [ 103.127072][ T9435] ? call_usermodehelper_setup+0x71/0x190 [ 103.132803][ T9435] should_failslab+0x5/0x20 [ 103.137314][ T9435] kmem_cache_alloc_trace+0x49/0x310 [ 103.142724][ T9435] call_usermodehelper_setup+0x71/0x190 [ 103.148349][ T9435] ? add_uevent_var+0x1c0/0x1c0 [ 103.153211][ T9435] kobject_uevent_env+0xb29/0xc40 [ 103.158243][ T9435] ? set_capacity_and_notify+0x1ac/0x1c0 [ 103.163966][ T9435] kobject_uevent+0x18/0x20 [ 103.168504][ T9435] loop_configure+0xcc5/0xeb0 [ 103.173272][ T9435] lo_ioctl+0x59b/0x1340 [ 103.177519][ T9435] ? path_openat+0x18e4/0x1f20 [ 103.182291][ T9435] ? putname+0xa5/0xc0 [ 103.186368][ T9435] ? ___cache_free+0x3c/0x300 [ 103.191054][ T9435] ? blkdev_common_ioctl+0x9c3/0x1040 [ 103.196503][ T9435] ? selinux_file_ioctl+0x8e0/0x970 [ 103.201737][ T9435] ? lo_release+0x120/0x120 [ 103.206246][ T9435] blkdev_ioctl+0x1d0/0x3c0 [ 103.210839][ T9435] block_ioctl+0x6d/0x80 [ 103.210869][ T9435] ? blkdev_iopoll+0x70/0x70 [ 103.219875][ T9435] __se_sys_ioctl+0xcb/0x140 [ 103.224464][ T9435] __x64_sys_ioctl+0x3f/0x50 [ 103.225808][ T9441] sg_write: data in/out 1935898123/726 bytes for SCSI command 0x0-- guessing data in; [ 103.225808][ T9441] program syz-executor.4 not setting count and/or reply_len properly [ 103.229057][ T9435] do_syscall_64+0x3d/0x90 [ 103.229082][ T9435] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.257207][ T9435] RIP: 0033:0x4663a7 00:39:35 executing program 0: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() r3 = socket$netlink(0x10, 0x3, 0x2) r4 = fork() sendmsg$netlink(r3, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) write$binfmt_script(r3, &(0x7f0000000100)={'#! ', './file0', [{0x20, '+:\xab{%{--'}, {}], 0xa, "a7a9c7ca38cd784ed53dc2b94d7e6e5dab696dd8ef436451267788fbc8ebd4b2862e25ea4973919909c23b1998fe4908bb1015a954a4028b91b2f3c2a0733b6ebb12700014fe6e33ff5abc6e209aab0183030f7be45491f536f352d082aeee23d784ecfb9eb0fa778452405c906c2029fa1c3a1c36e25c9e9f4d66bb247b5c96b11fc00e067d966359fc183886b63683122d07bb10f210b1625b384e68f5"}, 0xb3) sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) sendfile(r0, r1, &(0x7f0000000000)=0x1, 0x200) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') 00:39:35 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x19f840, 0x0) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') r1 = syz_mount_image$nfs4(&(0x7f0000000100), &(0x7f0000000140)='./bus\x00', 0xcd, 0x4, &(0x7f0000000340)=[{&(0x7f0000000180)="de2ff424d827c3175fd64879c402e693ebe7b5c5b9a00cd48e00e1b0e02e86e2bc99dc41997ab81f025817e73defd06ede1f14be6cf286b10099f9ec989f2c800077e40a575ce6efe7a067768ae28ea37a7e5d51e98a895ee420d1b4f6876cd8478c399cd0867b44e0f610b5c71fdfbab4cde296f5c9ffaef5ef079b6ccee80b903a62ad91c977db4f510e3379e578ed5e7ab1", 0x93, 0x81}, {&(0x7f0000000240)="c427c2fad1bdf45c7bcc04e54047d086347dd80f4811af9c059f4bd2cec758c5694ca345c1ffaf673e5863f55aedc1c823c9241416d682a9370c5b6cda701430780e9e8efa09ab81c2710cf87e5ed81b5418dcd0de913f1d02449e3768cb3e1b16abd81add4756e9e5ae19cffb344926493d10973fb8b173ec3f4e9db730", 0x7e, 0x5}, {&(0x7f00000002c0)="273843afa00add144426d69f52ff", 0xe, 0x8}, {&(0x7f0000000300)="2dd27897470dbffd6831efb363b0ed25e4f00d2ca896ff5cff330a0108e23b5dcb877ca5cb5971c7c143cc5d", 0x2c, 0x9}], 0x306141a, &(0x7f00000003c0)=ANY=[@ANYBLOB='@,]\b\x00\x00\x00\x00\x00\x00\x00,fowner=', @ANYRESDEC, @ANYBLOB=',smackfsfloor=$&:\\@%-,\x00']) sendfile(r0, r1, 0x0, 0x9) [ 103.261112][ T9435] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 103.280713][ T9435] RSP: 002b:00007f67705dbf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 103.289196][ T9435] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 103.297227][ T9435] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 103.305195][ T9435] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 103.313169][ T9435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 103.321158][ T9435] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 103.340527][ T9435] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: none. 00:39:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000000)="020182ffffff01000000ff07000000ffffffa5000800000000000000004000ffffff8700000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) syz_read_part_table(0x2, 0x2, &(0x7f0000000780)=[{&(0x7f0000000700)="1368646334176870c2538bc565aed790b658f3b8ab0830bbf9632a10e64e66874c965b45655b488a569f", 0x2a, 0x8000}, {&(0x7f0000000740)="db4e634920335bda25b6afe004e65af0eed0233ee0849e07d93e011c9e77b81f6a086cb8de17ecfc1726e4debfea5cf0c07da1fbb1a2178ce9ff055b4b", 0x3d, 0x638f}]) syz_read_part_table(0x68, 0x5, &(0x7f0000001240)=[{&(0x7f0000000040)="715c4e6ba910cb2644877982275ca71c5c029d0ea9b3471d0ec0bdc3", 0x1c, 0x4}, {&(0x7f0000000400)="640c8a7442e62cd54d8d3a6339edcc6b2c098d248522e81714", 0x19, 0x6}, {&(0x7f00000010c0)="603ff369a716937dfab1369845b763c7a5811dd3f9280d1a891bbff52daf2a53ac6c6f8923cc61c0fe99ff7c81913eb4abb36fa5f2fbd1f062192b7131fd956d9d1dcb56b1d1bf7c2bc5a940b02444aca2ec8e2fbc52eeaf7dd98674584ac5bf780aa8fde12f558054c343f03f1ce13d0921853fcc09638dd9d66f91d5382a554af15816d83d2e30c6e379e211dbd9037dd2eaf94673e0d31f65126fb17344cd91117f1afa5c5e04", 0xa8, 0x400}, {&(0x7f0000001180)="8cd4f78e8425cfe178cef761fedef5fc19ea78c5fc4093e35dcf828ffc6b417603665599145d6d6cc5de9358e33e1eb2bc43ad96bc59ad3dc6cc79be4efba413cbf7ac749dc19df9831dd63e4d3d6a8a00a0b87d862f982bdbb3cfe26ca457cc97eeb99586d2905e65c502905969c6a04015ae7da3232dd13e7eb48ebbbf664d4017555a59ec8332136f174c0d33f20fdc12b8afa6f96ca8c218227e964ed41b80482259", 0xa4, 0x3}, {&(0x7f0000000440)="e959144f6e0cc160a6680a3ebe722cca6c8ea2bd3dd3", 0x16, 0x4}]) syz_read_part_table(0x2a4, 0x6, &(0x7f0000000bc0)=[{&(0x7f00000007c0)="3fdcb4065c93128e51631000f97dd7b6404d16de1e98291dcfaa0e08ff91bb91bfcd7ddb7e61372349bcdd600d8e09a0a7bb2d14f4b2cda98ccdb90f640cde11684af1b59d2f8a1749229db8790d8b605919460224c94c16fd5a5053e3df2096d6957b487aa70162b918454ad9f990b367c6d0bd52d29d491b6c2c284bceac9cd723b0ce40532fefcf725bb600d9a88202dd1914879ae63699936453dd7e60cb5dc90448f017f5f30aa57b36e39ddf5ab38fc8c9a5d699d1a55e2c", 0xbb, 0x3}, {&(0x7f0000000880)="f67bf9ddb4c085b657a9f549c9bd7d61a7e7bf212102be83e468aa8daa1e8c7cec6def3c5569aecb3da438a7db6ab957a661c856a5acfb05b7ec55fe056e4c53e5d74c3315bd4f00183749050cfcae69da18ea2bed53618f37231c0751c656806804f5ad9270e6cc67c3ac6a5c601135d242fc41c087c9ac51c7e07779b428a665e50833300a0d855ca240b181d17dd55f4591b6c87ce0d18c53b0e6a68c3ebffcbe7da9e21e3a578ae6decc17d9c5fd38a38171988399829a1403ea278c74402ea4c9852d404d39b0940e4862a86176b8c25cd6f80e4f82", 0xd8, 0x4}, {&(0x7f0000000980)="663b4bf7d76b83514214b5c06d3e79cfa36fcfb7136dd030e9ff761cd102cdb3ea3d31e95109c0462d0c6bcafeb336cbbe79", 0x32, 0x4}, {&(0x7f00000009c0)="1fc76c49d58e222b39379d1714d9aec7b4a0610db7ba05dbe374ba86979ace0914c8fad81d21e7a567dfa00d9481fb5f4ed820b0d82a25fc34eabda723038d733ef8bce80de63baf857890a34a575ccd48163b090469ed3a5f28ee529e53ed87c81966c3f6465f16901d1c67a5f2f56fb9baaebb5314600c5564056ab21c583024827b986cc1ad31dcbcd8a44519dff1d185d1889ce7da549e1a56a7c7", 0x9d, 0x5}, {&(0x7f0000000a80)="5ed6a642d9b704b894e23f77e3a8a30d8bcf48a2542357962eb90e064815a1ed59cbf3522b55f2e7ed4130ed3bf642654cb7f879685f1444ed68dda296f895e103140f4bebea77b87527e87534d970ad84699383a79004869b242d7255583a769b8a5a7b8dba74be51118a505320a114ccd76b3b3fc0d2834eae6d131b911fc2d915840923d38cb079a2404940f766da33d1b1b06e0db63adf", 0x99, 0x6}, {&(0x7f0000000b40)="fc6b021b782ec87267a8bae51d344185a58a47e3964499b2a509db4036f3a3e52790e5d9a84f6444bb4c1e2b2b01c0412eaf9d06785974c214a1f7ad5c0eb8b32aa06845e3a2971b27021d70686e8888951b2a874ac7e8c5f7a6a91714ee8d224ef268", 0x63, 0xc8}]) syz_read_part_table(0x3, 0x5, &(0x7f0000000f80)=[{&(0x7f0000000c80)="5e8f903ec4201cc2b475ad875d5688a13b3f6ba889c722bed6a05297bc0bba63cd13bd40ecdde8f28b76f438e609f76228bf688974c5acbac81247ee6d5b103b", 0x40, 0x3}, {&(0x7f0000000cc0)="39f9a9c228701531c7e85edd0664a09d1efc00123eea906dcca09407852e0bfff3ff3ea78737983d079ff082c8dbff5d3ba8b9f4d9dbe6f980aa8b3fc05cc868a7e6bbeee2585ec0fa2566ec93777e5a99c72a7c3c07900a8a5c45daac897e1613c7b6811b345cad8c54d090e098015b9f2d6bc84e63d6fcde895632f325d9de62165405e5196708440f0046857cbf90dd4f9c9d30a149ba", 0x98, 0x65}, {&(0x7f0000000d80)="d1cbb000db6a321d5374f12e50f8918c3b2dc76b48e7673c0534474973cfeb1a5a869c97a13c9eb636ce484aec80743122c0cb118dc808a4f96c63ee242233e46c087d0f706151d443bfe542127479cfcde0150f8e8ed1a92b711ff1010d2382610aebfef226f0f37b868d2b2e45", 0x6e, 0xd98}, {&(0x7f0000000e00)="d6efa7f3a751fa68124f2b6830d17daffd8ecffec79458b6ec78a7079c7b86a6e542877a5ebc03714af4a4de51935c216820bf1930094dd13b69637fe6dffae42797bc44ceee19e5f342b736b1c6e11c14ad99fa4e9e4aed7f03f541edb8aa5cf967eb22ff5ada7024368f9cda134f9e1fd3962a59000daf13c6c3129c5346422337aec52cdfbbfce06a14cbf813b163d99a9390a9a9fb20b6b462f4998d103bf994aae5d13520227115d617d08ca2b35a305f480ab4fe9ab760fef60c64503fade32a5703a0aa149968a46da8a8f00bc16ad5d176acb74f0ff45244f73658f77e5bd3d4cf34c26b371039", 0xeb, 0x6}, {&(0x7f0000000f00)="7f2be6d608938fda8fc0f7b7664f820bc4514b4a0805dd2f235c3b07a8802a419830baca10d00865e7e874eb354bc2bacfbbdbb086e32de1b08d1093deaf664dcbfb400a77cb8492e2123a61cf6bcbebaaf7dec943477bfd91d495", 0x5b, 0xffffffffffffff01}]) syz_read_part_table(0x400, 0x9, &(0x7f0000000600)=[{&(0x7f00000000c0)="a35ab1463912f64d0a607526cbf7062d443d26fc23268b5532e8b68e72765dc1b2fc42cdb95f7db825a8d0d60a0dcfab1aeb6c58f7068e77ec1a0ecb9bf7d7ef531de2327f13086c92", 0x49, 0x7}, {&(0x7f0000000140)="4ab255450d4f6d5814d876a9a67284e4eb411e9059cede6d87c4825b1beedf631a89958cf68ac9f5bc3cf3a6372b6f3727ee04d646a70cec9ea8b710217e844fe5aef7559dddbbadca879e7ab8749484a5642a6c1db48fce94d3df31bee443fbeef0ff81166f643c7afe94684eeb4a43b1d0e63a3fd0da336e8b805c9b5021de0e24a3b58ac60b434bae3446f702fe486f7166fe823ce9400350ba22f4b2b5cd833569a33a128b287f62bc7183e222ba9114b08118eb256350f8a7bcf69122", 0xbf, 0x200}, {&(0x7f0000000200)="0a263b8419a171b275db8d404a3b855179cf81722ea0e7bc4ca033b13ed436de79581df780a89253976d2d61e2602735cc57e195e368f7b73b683b86cee4d6cf84bd3e5c493658bb3d211ef10a77b53673d21e6fd822dd74ab1d8df00edca9d9cf12328e53d42b4de2cfd8afe296754f08136278a48e61a11f8e4372d66ec65c45892a3e004cdf0c4e4cd687c4b7f7f4002c46a0c02237fe093998edde8b", 0x9e, 0x8}, {&(0x7f00000002c0)="427f835e131c4a871a0b5c8663cca47f0c105699ceb69e54d9982f47e4cbf59bcf74d7eef0776ce72553780a5a43e7dd2b5af785e94bb8b19f7becc66532412bcffa579ac628c611", 0x48, 0x2000000003f}, {&(0x7f0000000340)="9a689100e1ddbe82695e2e7260e087a905291025af362114eff76444c74d913050fbd58e5c858df1266636feb0455e05cbf6ac64e2e9f57cc3da48fcb184531a5081ed457e7da0c76c3d02a59722e3fbb29b11ecae7499c532e130fae40a5350639df964", 0x64, 0xfffffffffffffffe}, {&(0x7f00000003c0)="2a6090e635e39070eeea47508c95ce829fe83c9c228046384e27d0b6700e61", 0x1f, 0xffff}, {&(0x7f0000001000)="02c1c385dfda589d3dca5362810c29bfa392e3d7310f0ccc76d6ed124506223f27caf1bcbcf97553291570f328a5990df3a013d45010c799790904cfee4437459ea5fc4660c636d8fef4ec73201f5986e546144aa2d21d40a8d4fc5b72af005bb055686d416e10bfa697f0256fcbe94899473f3575b87146788fc7de49a74c38783b20ad98b6d8e9aecffb30a887144eb3db39fd2d583aa6988bbf508f78c06c3b8cdec1773229b6f020a4f714d34e2b16071cfc81a4433c056e346775d4", 0xbe, 0x1f}, {&(0x7f0000000480)="35aa628eb305177c7802d4dc923f643d076b7ffeabc503d97886a4687d9de845b7a09d8f30cef23030a49f281b866a0e279f9769e52e7618b366b00930dda6dbb94aacc3666833b91df98990a85cae5f16db9a1389bb3d4a4bdd949d5a8c6883deebe6ae0fefb9b240cc18d8ce6595c88785b769441e758868e6a282a9499f19dbfbf2ae92318f64c689107c6a0cbd0bc0033cf539532c6da65c6d0bcb4196d34a4649941e9370b93af49d33f45bd014ca14abdf33a5f329fd64e3ce59", 0xbd, 0x1}, {&(0x7f0000000540)="401aee168ffa46c8fdbdb5a36bcaa57f7505c520c25f50a56394ea7f69ebaa87fea9b7f43e7d3d63f88fe8314c74f26c6d1554dc1998f2c98869b6f86c9901dd66e2777b8519d2245a30968ae937b92f27a22739f6f08137c882cfb9102efbc0d867d40b325aa3031e4467e6fc94fcc59e95128e95a5de60b30bd823ea8436b0645d32e350d19c1ba881506c90bf180345a6cb6e2255da3de5ee64ed000000", 0x9f, 0x8}]) 00:39:35 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./bus\x00') 00:39:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000040000000000000039cad6ac86d5d991a1cfa1c36bc608cd6e5c749da19711cb2a7dfd5b7ba8ca1a702d7936bdc3eba9473e28ff19268adcd6f7c0dc29ee439a9950a3a62f3fe763d62db55d120680a1c3b8182f2548e76ff9fd672c8560d21939e98362be803c0f08c0a7b0354487be9fb25b046278483c09f4d240f7bc5e16269b99098556305188f77ba87d47240a1cb8f501634c19da183859756334a8981961af0dd9dfd862d9509b8d40153687c1a6707fb8f9389abbf4dc49de273976421a91956a180a66e89f5b4af19af680d443cd49c3d963725d8d1654bb0452398a5673f0a9b729c96f7cdb140572866d747d14945df9ef22a572a1ab313d3772291387139d61b0521c6d16a20b15612e3674e2e50be6a29e5e21cf5880c4f451a0cbc42d0ea9d846615fdc430b4b73cef5d064884e0f9e9eda218b7bbce6bf1617c9715a39c3df0d2797988ef6fec9919efacfb1c0c940"]) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:36 executing program 2 (fault-call:0 fault-nth:39): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:36 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x2c2483, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140), 0x72000, 0x0) ioctl$BTRFS_IOC_BALANCE_CTL(r1, 0x40049421, 0x1) ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1, 0x9) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') [ 103.447594][ T9458] loop0: detected capacity change from 0 to 1 [ 103.454159][ T9462] sg_write: data in/out 1935898123/726 bytes for SCSI command 0x0-- guessing data in; [ 103.454159][ T9462] program syz-executor.4 not setting count and/or reply_len properly [ 103.524199][ T9458] loop0: p1 p2 p3 p4 [ 103.526376][ T9473] loop2: detected capacity change from 0 to 512 [ 103.528404][ T9458] loop0: p1 start 1 is beyond EOD, truncated [ 103.540519][ T9458] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 103.560524][ T9473] FAULT_INJECTION: forcing a failure. [ 103.560524][ T9473] name failslab, interval 1, probability 0, space 0, times 0 [ 103.573212][ T9473] CPU: 1 PID: 9473 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 103.582008][ T9473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.588600][ T9458] loop0: p3 size 1912633224 extends beyond EOD, [ 103.592058][ T9473] Call Trace: [ 103.592068][ T9473] dump_stack_lvl+0xb7/0x103 [ 103.592089][ T9473] dump_stack+0x11/0x1a [ 103.592103][ T9473] should_fail+0x23c/0x250 [ 103.592124][ T9473] ? __d_alloc+0x36/0x370 [ 103.592142][ T9473] __should_failslab+0x81/0x90 00:39:36 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x2e1083, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001500), 0x60e40, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000100)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000500)={r4, "6ce4ab19a7733d60e04eb7fd79913809"}) [ 103.598487][ T9458] truncated [ 103.601737][ T9473] should_failslab+0x5/0x20 [ 103.631477][ T9473] kmem_cache_alloc+0x46/0x2e0 [ 103.636273][ T9473] __d_alloc+0x36/0x370 [ 103.640517][ T9473] ? __perf_event_task_sched_in+0x7e7/0x850 [ 103.643389][ T9458] loop0: p4 size 32768 extends beyond EOD, [ 103.646495][ T9473] ? putname+0xa5/0xc0 [ 103.646519][ T9473] d_alloc+0x2a/0x130 [ 103.652417][ T9458] truncated [ 103.656435][ T9473] __lookup_hash+0x8f/0x180 [ 103.656455][ T9473] filename_create+0xdb/0x3c0 [ 103.656474][ T9473] do_mkdirat+0x59/0x200 [ 103.676970][ T9473] __x64_sys_mkdir+0x32/0x40 [ 103.681568][ T9473] do_syscall_64+0x3d/0x90 [ 103.686005][ T9473] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.691905][ T9473] RIP: 0033:0x4656f7 [ 103.695791][ T9473] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 103.715397][ T9473] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 00:39:36 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000040000000000000039cad6ac86d5d991a1cfa1c36bc608cd6e5c749da19711cb2a7dfd5b7ba8ca1a702d7936bdc3eba9473e28ff19268adcd6f7c0dc29ee439a9950a3a62f3fe763d62db55d120680a1c3b8182f2548e76ff9fd672c8560d21939e98362be803c0f08c0a7b0354487be9fb25b046278483c09f4d240f7bc5e16269b99098556305188f77ba87d47240a1cb8f501634c19da183859756334a8981961af0dd9dfd862d9509b8d40153687c1a6707fb8f9389abbf4dc49de273976421a91956a180a66e89f5b4af19af680d443cd49c3d963725d8d1654bb0452398a5673f0a9b729c96f7cdb140572866d747d14945df9ef22a572a1ab313d3772291387139d61b0521c6d16a20b15612e3674e2e50be6a29e5e21cf5880c4f451a0cbc42d0ea9d846615fdc430b4b73cef5d064884e0f9e9eda218b7bbce6bf1617c9715a39c3df0d2797988ef6fec9919efacfb1c0c940"]) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:36 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x21a501, 0x1b1) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') [ 103.723848][ T9473] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 103.731860][ T9473] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 103.739867][ T9473] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 103.747835][ T9473] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 103.755819][ T9473] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 00:39:36 executing program 0: r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000127bd7000fedbdf250600000006000b000b00000006000b003f00000008000700ac1414aa000000"], 0x34}, 0x1, 0x0, 0x0, 0x2000c880}, 0xc000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = syz_io_uring_setup(0x7784, &(0x7f0000000140), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000100)=0x0) r5 = syz_io_uring_setup(0x2de5, &(0x7f0000000200), &(0x7f0000002000/0x2000)=nil, &(0x7f00009b3000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000140)) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, r5}}, 0x0) io_uring_enter(r2, 0x342, 0x0, 0x0, 0x0, 0x0) 00:39:36 executing program 2 (fault-call:0 fault-nth:40): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 103.795213][ T1040] loop0: p1 p2 p3 p4 [ 103.801689][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 103.807725][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 103.815040][ T9496] loop1: detected capacity change from 0 to 264192 00:39:36 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000100)) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000140)='./file0/file0\x00', &(0x7f00000000c0)='./bus\x00') syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) openat(r0, &(0x7f0000000080)='./bus\x00', 0x102002, 0x10) [ 103.834128][ T9496] FAT-fs (loop1): bogus number of reserved sectors [ 103.834143][ T9496] FAT-fs (loop1): Can't find a valid FAT filesystem [ 103.845794][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 103.853298][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 103.871965][ T9507] loop2: detected capacity change from 0 to 512 00:39:36 executing program 2 (fault-call:0 fault-nth:41): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:36 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$netlink(0x10, 0x3, 0x2) r1 = fork() sendmsg$netlink(r0, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}], 0x20}, 0x0) wait4(r1, &(0x7f0000000000), 0x1, &(0x7f0000000100)) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000380)="6653070000010000e7b126b097eaa769be6d05c41bd34e677d114b654b4993d35f010432c7ea63930ba87321b274a80467807b703ab0c4e13ccb9605708906a13ec7a81417ce7662df0068e5901e20ffb30505dc82930be1c6ade9bfcfaad5804a5badafa0dc39a9d632100b081a6752182ed5963eb2e69bed3330350d4ad585a2b6ca9501a19218c01776c5e1c699de6a8ba0ea27a8fea154e9d9bab4f7535701fae64a38997b91824f59aff08757e5ee4da5626f44e5820f0bb2164a6b9e10b6c1615b6ba2bf7e9e3976ecd70d2ba03299c1070c1b73e9786f1e4a6cc5558df3285a306ed3f8d0d3dc4c6126c4df91e28cf2fccbe3b01768e53ab97deab8f35d52bc00a2759fc735030c6ec8fa4f2d61b3b5f19716295d32b66310dfe38d1c0ad4d68678d31ec4334100832c700f7ef194fba935bd36c733df3154af0e61", 0x13f}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3a) ptrace$cont(0x18, r2, 0x0, 0x0) syz_open_procfs$namespace(r1, &(0x7f0000000040)='ns/mnt\x00') ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x2, 0x4) [ 103.873845][ T9507] FAULT_INJECTION: forcing a failure. [ 103.873845][ T9507] name failslab, interval 1, probability 0, space 0, times 0 00:39:36 executing program 2 (fault-call:0 fault-nth:42): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 103.873866][ T9507] CPU: 1 PID: 9507 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 103.873883][ T9507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 00:39:36 executing program 2 (fault-call:0 fault-nth:43): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 103.873892][ T9507] Call Trace: [ 103.873898][ T9507] dump_stack_lvl+0xb7/0x103 [ 103.873916][ T9507] dump_stack+0x11/0x1a [ 103.873994][ T9507] should_fail+0x23c/0x250 [ 103.874017][ T9507] ? ext4_alloc_inode+0x27/0x300 [ 103.874036][ T9507] __should_failslab+0x81/0x90 [ 103.874054][ T9507] ? set_qf_name+0x230/0x230 [ 103.874073][ T9507] should_failslab+0x5/0x20 [ 103.874148][ T9507] kmem_cache_alloc+0x46/0x2e0 [ 103.874169][ T9507] ? ebitmap_destroy+0x91/0xa0 [ 103.874185][ T9507] ? set_qf_name+0x230/0x230 [ 103.874200][ T9507] ext4_alloc_inode+0x27/0x300 [ 103.874272][ T9507] ? set_qf_name+0x230/0x230 [ 103.874287][ T9507] new_inode_pseudo+0x38/0x1c0 [ 103.874308][ T9507] new_inode+0x21/0x120 [ 103.874380][ T9507] __ext4_new_inode+0x126/0x2f70 [ 103.874398][ T9507] ? __dquot_initialize+0x131/0x7e0 [ 103.874442][ T9507] ext4_mkdir+0x28a/0x760 [ 103.874460][ T9507] vfs_mkdir+0x2a4/0x370 [ 103.874479][ T9507] do_mkdirat+0x11d/0x200 [ 103.874499][ T9507] __x64_sys_mkdir+0x32/0x40 [ 103.874518][ T9507] do_syscall_64+0x3d/0x90 [ 103.874554][ T9507] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.874581][ T9507] RIP: 0033:0x4656f7 [ 103.874594][ T9507] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:39:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000040000000000000039cad6ac86d5d991a1cfa1c36bc608cd6e5c749da19711cb2a7dfd5b7ba8ca1a702d7936bdc3eba9473e28ff19268adcd6f7c0dc29ee439a9950a3a62f3fe763d62db55d120680a1c3b8182f2548e76ff9fd672c8560d21939e98362be803c0f08c0a7b0354487be9fb25b046278483c09f4d240f7bc5e16269b99098556305188f77ba87d47240a1cb8f501634c19da183859756334a8981961af0dd9dfd862d9509b8d40153687c1a6707fb8f9389abbf4dc49de273976421a91956a180a66e89f5b4af19af680d443cd49c3d963725d8d1654bb0452398a5673f0a9b729c96f7cdb140572866d747d14945df9ef22a572a1ab313d3772291387139d61b0521c6d16a20b15612e3674e2e50be6a29e5e21cf5880c4f451a0cbc42d0ea9d846615fdc430b4b73cef5d064884e0f9e9eda218b7bbce6bf1617c9715a39c3df0d2797988ef6fec9919efacfb1c0c940"]) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 103.874608][ T9507] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 103.874625][ T9507] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 103.874636][ T9507] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 103.874648][ T9507] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 103.874658][ T9507] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 103.874669][ T9507] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 103.989425][ T9524] loop2: detected capacity change from 0 to 512 [ 103.989614][ T9524] FAULT_INJECTION: forcing a failure. [ 103.989614][ T9524] name failslab, interval 1, probability 0, space 0, times 0 [ 103.989632][ T9524] CPU: 0 PID: 9524 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 103.989651][ T9524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.989662][ T9524] Call Trace: [ 103.989668][ T9524] dump_stack_lvl+0xb7/0x103 [ 103.989689][ T9524] dump_stack+0x11/0x1a [ 103.989729][ T9524] should_fail+0x23c/0x250 [ 103.989790][ T9524] ? ext4_alloc_inode+0x27/0x300 [ 103.989807][ T9524] __should_failslab+0x81/0x90 [ 103.989822][ T9524] ? set_qf_name+0x230/0x230 [ 103.989837][ T9524] should_failslab+0x5/0x20 [ 103.989853][ T9524] kmem_cache_alloc+0x46/0x2e0 [ 103.989911][ T9524] ? ebitmap_destroy+0x91/0xa0 [ 103.989928][ T9524] ? set_qf_name+0x230/0x230 [ 103.989942][ T9524] ext4_alloc_inode+0x27/0x300 [ 103.989958][ T9524] ? set_qf_name+0x230/0x230 [ 103.990041][ T9524] new_inode_pseudo+0x38/0x1c0 [ 103.990064][ T9524] new_inode+0x21/0x120 [ 103.990089][ T9524] __ext4_new_inode+0x126/0x2f70 [ 103.990106][ T9524] ? __dquot_initialize+0x131/0x7e0 [ 103.990195][ T9524] ext4_mkdir+0x28a/0x760 [ 103.990212][ T9524] vfs_mkdir+0x2a4/0x370 [ 103.990232][ T9524] do_mkdirat+0x11d/0x200 [ 103.990330][ T9524] __x64_sys_mkdir+0x32/0x40 [ 103.990348][ T9524] do_syscall_64+0x3d/0x90 [ 103.990427][ T9524] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.990449][ T9524] RIP: 0033:0x4656f7 [ 103.990461][ T9524] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 103.990476][ T9524] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 103.990493][ T9524] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 103.990503][ T9524] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 103.990515][ T9524] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 103.990527][ T9524] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 103.990538][ T9524] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 104.000049][ T1040] loop0: p1 p2 p3 p4 [ 104.000112][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 104.000126][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 104.000863][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 104.004513][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 104.068994][ T9543] loop2: detected capacity change from 0 to 512 [ 104.071527][ T9543] FAULT_INJECTION: forcing a failure. [ 104.071527][ T9543] name failslab, interval 1, probability 0, space 0, times 0 [ 104.071547][ T9543] CPU: 0 PID: 9543 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 104.071604][ T9543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.071614][ T9543] Call Trace: [ 104.071620][ T9543] dump_stack_lvl+0xb7/0x103 [ 104.071639][ T9543] dump_stack+0x11/0x1a [ 104.071652][ T9543] should_fail+0x23c/0x250 [ 104.071673][ T9543] ? sidtab_sid2str_get+0x9c/0x130 00:39:37 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 104.071692][ T9543] __should_failslab+0x81/0x90 [ 104.071707][ T9543] should_failslab+0x5/0x20 [ 104.071723][ T9543] __kmalloc_track_caller+0x64/0x340 [ 104.071766][ T9543] kmemdup+0x21/0x50 [ 104.071783][ T9543] sidtab_sid2str_get+0x9c/0x130 [ 104.071802][ T9543] security_sid_to_context_core+0x1cb/0x2d0 [ 104.071829][ T9543] security_sid_to_context_force+0x2f/0x40 [ 104.071886][ T9543] selinux_inode_init_security+0x49e/0x550 [ 104.071906][ T9543] security_inode_init_security+0xd7/0x260 [ 104.071927][ T9543] ? ext4_init_security+0x40/0x40 00:39:37 executing program 5: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="2000115f8624366958ad1b000000100003800c0004000202aaaaaaaaaaaa"], 0x24}}, 0x50) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r1) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="fd3b9fad274080686af03166796c623a76cea38f7a20ee5d90db04d9826a5103f3523b0afe6d7eb21b974f33682f04d9855951f489fb81e11501edea43bc96a8f84edc2513f7e194e11ab05b732b3965e362e6b6c873ddfef25f23bc9afe5bcaeb714ca6461ef6b14bf8cf", @ANYRES16=0x0, @ANYBLOB="040025bd7000fbdbdf252b00000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e340000000a0001007770616e340000000a0001007770616e340000000c0005000201aaaaaaaaaaaa08000200", @ANYRES32=r2, @ANYBLOB="0c0005000201aaaaaaaaaaaa08000200", @ANYRES32=0x0, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB], 0x70}, 0x1, 0x0, 0x0, 0x1}, 0x4011) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xc0081220}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xe}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24010040}, 0xc000) r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r5) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(r5, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="fd3b9fad274080686af03166796c623a76cea38f7a20ee5d90db04d9826a5103f3523b0afe6d7eb21b974f33682f04d9855951f489fb81e11501edea43bc96a8f84edc2513f7e194e11ab05b732b3965e362e6b6c873ddfef25f23bc9afe5bcaeb714ca6461ef6b14bf8cf", @ANYRES16=0x0, @ANYBLOB="040025bd7000fbdbdf252b00000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e340000000a0001007770616e340000000a0001007770616e340000000c0005000201aaaaaaaaaaaa08000200", @ANYRES32=r6, @ANYBLOB="0c0005000201aaaaaaaaaaaa08000200", @ANYRES32=0x0, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB], 0x70}, 0x1, 0x0, 0x0, 0x1}, 0x4011) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x6000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x78, 0x0, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r7}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4044804}, 0x10000) keyctl$KEYCTL_MOVE(0x11, r4, r4, r4, 0x0) [ 104.071949][ T9543] ext4_init_security+0x30/0x40 [ 104.071968][ T9543] __ext4_new_inode+0x29a1/0x2f70 [ 104.072048][ T9543] ext4_mkdir+0x28a/0x760 [ 104.072144][ T9543] vfs_mkdir+0x2a4/0x370 [ 104.072164][ T9543] do_mkdirat+0x11d/0x200 [ 104.072185][ T9543] __x64_sys_mkdir+0x32/0x40 [ 104.072241][ T9543] do_syscall_64+0x3d/0x90 [ 104.072261][ T9543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.072284][ T9543] RIP: 0033:0x4656f7 00:39:37 executing program 2 (fault-call:0 fault-nth:44): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 104.072296][ T9543] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.072313][ T9543] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 104.072331][ T9543] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 104.072343][ T9543] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 104.072354][ T9543] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 104.072366][ T9543] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 00:39:37 executing program 5: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_MOVE(0x11, r0, r0, r0, 0x0) r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, r0) r2 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f0000000180)={0x0, "989c92186697501eac076f8170f1ceb57ada02836f75d7c591ab0fd6d989f56106ae9f6f1487491382f9d9f04ce5f488de3c997e9d190997542c749db1a37591", 0x14}, 0x48, r1) r3 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, r1) keyctl$search(0xa, r2, &(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x1}, r3) r4 = add_key(&(0x7f0000000380)='.dead\x00', &(0x7f00000003c0)={'syz', 0x1}, &(0x7f0000000400)="c77e9b8cfdc97243c4318795e1615ca7ac12bef5d5186289b878a78e260edcc2cd28851740fb1f29b96bd0613d90b4f455653d9c11141b2249ecddac3d5aac32f8efd42cd1bb2c0c2bde9bb6f16161c2d8659a70cf9d31a2c07ddba1b74499a4c529d8d095c407853a3947cb043e1dd71ed8207cf26f535b", 0x78, r3) add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x2}, 0x0, 0x0, r4) [ 104.072377][ T9543] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 104.178795][ T9551] loop2: detected capacity change from 0 to 512 [ 104.181139][ T9551] FAULT_INJECTION: forcing a failure. [ 104.181139][ T9551] name failslab, interval 1, probability 0, space 0, times 0 [ 104.181240][ T9551] CPU: 0 PID: 9551 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 104.181258][ T9551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.181267][ T9551] Call Trace: 00:39:37 executing program 5: r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000017c0)='./file0\x00', &(0x7f0000001800), 0x0, &(0x7f0000001840)={[{@mpol={'mpol', 0x3d, {'interleave', '=static'}}}]}) ftruncate(r0, 0x7fffffff) [ 104.181273][ T9551] dump_stack_lvl+0xb7/0x103 [ 104.181295][ T9551] dump_stack+0x11/0x1a [ 104.181387][ T9551] should_fail+0x23c/0x250 [ 104.181409][ T9551] ? kcalloc+0x32/0x50 [ 104.181430][ T9551] __should_failslab+0x81/0x90 [ 104.181446][ T9551] should_failslab+0x5/0x20 [ 104.181463][ T9551] __kmalloc+0x66/0x340 [ 104.181525][ T9551] ? chksum_update+0x39/0x50 [ 104.181541][ T9551] kcalloc+0x32/0x50 [ 104.181561][ T9551] ext4_find_extent+0x21c/0x7f0 [ 104.181640][ T9551] ext4_ext_map_blocks+0xd9/0x1f00 [ 104.181773][ T9551] ? __down_read_common+0x16d/0x530 [ 104.181789][ T9551] ? percpu_counter_add_batch+0x69/0xd0 [ 104.181811][ T9551] ? ext4_es_lookup_extent+0x206/0x490 [ 104.181829][ T9551] ext4_map_blocks+0x1be/0xef0 [ 104.181849][ T9551] ext4_getblk+0xb1/0x3d0 [ 104.181867][ T9551] ? __ext4_new_inode+0x2aed/0x2f70 [ 104.181886][ T9551] ext4_bread+0x28/0x100 [ 104.182003][ T9551] ext4_append+0xd1/0x1c0 [ 104.182020][ T9551] ext4_init_new_dir+0x177/0x500 [ 104.182038][ T9551] ext4_mkdir+0x329/0x760 [ 104.182135][ T9551] vfs_mkdir+0x2a4/0x370 [ 104.182167][ T9551] do_mkdirat+0x11d/0x200 [ 104.182186][ T9551] __x64_sys_mkdir+0x32/0x40 [ 104.182205][ T9551] do_syscall_64+0x3d/0x90 [ 104.182226][ T9551] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.182275][ T9551] RIP: 0033:0x4656f7 [ 104.182286][ T9551] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.182300][ T9551] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 104.182315][ T9551] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 104.182327][ T9551] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 104.182338][ T9551] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 104.182349][ T9551] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 104.182385][ T9551] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 00:39:37 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x1, 0x8, 0x4, 0x1}, {0xfffd, 0x9, 0x1, 0x200}, {0x1000, 0xff, 0xff, 0x692}, {0x3, 0x6, 0x4, 0x4}, {0x0, 0x80, 0x9}]}) r0 = socket$netlink(0x10, 0x3, 0x2) r1 = fork() sendmsg$netlink(r0, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}], 0x20}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000400)=0x0) tkill(r2, 0x32) tkill(r1, 0x3f) vmsplice(r0, &(0x7f0000000380)=[{&(0x7f0000000080)="58710b4ccc81495e9e0f694135983caddbbacdf40788dc87d30391a5433625ad1cb9c3acbf7f15af49133c62d80e102b9c83e305b6d4ed26aee897075abdf22713008782f9966ca8dc", 0x49}, {&(0x7f0000000100)="fe30c9a3", 0x4}, {&(0x7f0000000140)="109b90b6db8ef98b426b413df98c0dacb79bb398bac4fcf507", 0x19}, {&(0x7f0000000180)="5fd3d5965c9fa93f651e35512792a0026b3b04820b87814ad35221574d177b672f405a11b8a8b44de23db23adc0e05e75ff6adf06be57b3ff6bf269ca08011a6761850a7656e942105d40c80940c6ef540fd11f65e354e0da65e672b318f756c174a7dc8e5a3d3a30bdfd8de0eb940c77e29a8c33c5daba0d2c461a8b142cd4da6ac77e19e4c962bfc2fec7afcfaf65daf8a69c6d51b8d6e47d8e5651a28ab4f23", 0xa1}, {&(0x7f0000000240)="0657d105542dd76acebf8a29c37febf65b684eea4590b6c15c2bf93eca56b90c54cc3f", 0x23}, {&(0x7f0000000280)="60935496f29de3", 0x7}, {&(0x7f00000002c0)="6464e549be302f96462170c759bb9aff682882b319439a74e91067f89fa02cd24c71cadedb53cb09d6e6e43a7ad1e7ede3a6b575646e0b55ccc3dda69c06624bdfe05a8bcb2e9ea2be2fd97fbacf42416f21ff8255f0f6ad93e186726dd85bf5a2bf1aa8ca5c39ba6ff0fc4c339422823c5fcdcda3a351f60c3ab5e1b6ff43ebbfe3a3", 0x83}], 0x7, 0x6) set_mempolicy(0x1, 0x0, 0x2004) 00:39:37 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x1) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f0000000400)={{'\x00', 0x1}, {0x2}, 0x8a, 0x0, 0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='./bus\x00', &(0x7f0000000140)="7cc0eb2cf144dd7f539d645056b324690c5ea0be28c39220e6e0766945290f61571d25f466da3b190d44714ebc5724131e7117cf17533a95acb165ad1eef0cc27c5990b77233d509b0b97ece0717c7dc9bfcd9fd6129a9dc1e9c5cb99e2e6380227e1752460966eaa4231583d620f48f0e4a290d33a788f402ae017a516415554525705b4abde57617d82ddc5fac507e29de2401a6bbfda929", 0x99, 0x0, &(0x7f0000000200)={0x2, 0xe7, {0x0, 0xc, 0x98, "b23540ac78ffccb963df7eae4c365f147a8a914ff0e562be054573ae87bdc98ec7d2d9b24b72a594b9d637a8eeca98712bc042dd669d05c0789bfaaaf9edf56c39303e61e55b7c467c3531143e1a3d2424294c09c177f84fa4e9964d6142d5dc3215eb407de5e9887383e1dbf77bf073767b89aac144649f121233eac929bb71e3c4643c9aba680c08db68e94b0eefc6ba88c6717e0b1af6", 0x42, "ace8dd85eae537ccff3313156add3e39d09b105045c650344dc209b232d6143dfc6cc7f36d7c15cf308fb894e820f674372b111e35b336050d190149fb833f6acb22"}, 0xf6, "95132cefa3dd7f1489001bf8f9c2e1eeb0286ac3f5fa6dbe924a51d5aa18a54fc1e60589325c0c26feda5a133b690b33c35793f9a92ad863354106d143ad5fa68601bdcce57a99bf5149b7466275dec24c29ef1595b772faf5135126a2f324866da45854919d0323011ff676afd72a02f615844e48b3989cfd72496f792d9bc3508a578d0292a531665a80a0771c5368ecb5c9ff1c106fb9918236f5667ccfa8dafcfccc7a05ce4f3dd9b2da6ae403ea45bf9fdcc523819954d0e9f04a54f5e2eb3ff04a9d823e399efc4d3cd8748cb566385bcec22d913c252c2a4f154db9bd45c2873b603f07e6328574798d5320eb5c7adab68e59"}, 0x1e9}) 00:39:37 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000040000000000000039cad6ac86d5d991a1cfa1c36bc608cd6e5c749da19711cb2a7dfd5b7ba8ca1a702d7936bdc3eba9473e28ff19268adcd6f7c0dc29ee439a9950a3a62f3fe763d62db55d120680a1c3b8182f2548e76ff9fd672c8560d21939e98362be803c0f08c0a7b0354487be9fb25b046278483c09f4d240f7bc5e16269b99098556305188f77ba87d47240a1cb8f501634c19da183859756334a8981961af0dd9dfd862d9509b8d40153687c1a6707fb8f9389abbf4dc49de273976421a91956a180a66e89f5b4af19af680d443cd49c3d963725d8d1654bb0452398a5673f0a9b729c96f7cdb140572866d747d14945df9ef22a572a1ab313d3772291387139d61b0521c6d16a20b15612e3674e2e50be6a29e5e21cf5880c4f451a0cbc42d0ea9d846615fdc430b4b73cef5d064884e0f9e9eda218b7bbce6bf1617c9715a39c3df0d2797988ef6fec9919efacfb1c0c940"]) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 104.209126][ T9551] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: none. [ 104.739986][ T9566] loop1: detected capacity change from 0 to 264192 [ 104.922544][ T9587] tmpfs: Bad value for 'mpol' [ 105.127926][ T9605] loop2: detected capacity change from 0 to 512 [ 105.149135][ T9605] FAULT_INJECTION: forcing a failure. [ 105.149135][ T9605] name failslab, interval 1, probability 0, space 0, times 0 [ 105.161812][ T9605] CPU: 0 PID: 9605 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 105.170490][ T9605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 105.180800][ T9605] Call Trace: [ 105.184117][ T9605] dump_stack_lvl+0xb7/0x103 [ 105.188723][ T9605] dump_stack+0x11/0x1a [ 105.192918][ T9605] should_fail+0x23c/0x250 [ 105.197340][ T9605] ? kcalloc+0x32/0x50 [ 105.201423][ T9605] __should_failslab+0x81/0x90 [ 105.206300][ T9605] should_failslab+0x5/0x20 [ 105.210808][ T9605] __kmalloc+0x66/0x340 [ 105.215128][ T9605] ? chksum_update+0x39/0x50 [ 105.219718][ T9605] kcalloc+0x32/0x50 [ 105.223614][ T9605] ext4_find_extent+0x21c/0x7f0 [ 105.228476][ T9605] ext4_ext_map_blocks+0xd9/0x1f00 [ 105.233604][ T9605] ? __down_read_common+0x16d/0x530 [ 105.238807][ T9605] ? percpu_counter_add_batch+0x69/0xd0 [ 105.244353][ T9605] ? ext4_es_lookup_extent+0x206/0x490 [ 105.249801][ T9605] ext4_map_blocks+0x1be/0xef0 [ 105.254597][ T9605] ext4_getblk+0xb1/0x3d0 [ 105.258921][ T9605] ? __ext4_new_inode+0x2aed/0x2f70 [ 105.264111][ T9605] ext4_bread+0x28/0x100 [ 105.268355][ T9605] ext4_append+0xd1/0x1c0 [ 105.272696][ T9605] ext4_init_new_dir+0x177/0x500 [ 105.277640][ T9605] ext4_mkdir+0x329/0x760 [ 105.281993][ T9605] vfs_mkdir+0x2a4/0x370 [ 105.286256][ T9605] do_mkdirat+0x11d/0x200 [ 105.290716][ T9605] __x64_sys_mkdir+0x32/0x40 [ 105.295393][ T9605] do_syscall_64+0x3d/0x90 [ 105.299810][ T9605] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 105.305785][ T9605] RIP: 0033:0x4656f7 [ 105.309669][ T9605] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 105.329277][ T9605] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 105.337732][ T9605] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 105.345689][ T9605] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 105.353649][ T9605] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 105.361645][ T9605] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 105.369860][ T9605] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 105.399015][ T9605] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: none. 00:39:39 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:39 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x100, 0x101) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') 00:39:39 executing program 5: sched_setattr(0x0, &(0x7f0000000180)={0x38}, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, 0x0}) sched_getattr(r0, &(0x7f0000000140)={0x38}, 0x38, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="507b26b12ef5d94001001df0f88792a098596801dc15b48b959f8a692309ffb92e2a2487d81f748ad8ca813876def57cb9aaca7844a32fdf2c82bbd18badeed36feaf8938a0015c644ade0ae74b593ba59d623b4b8395654708aa8005811b7d16e4adf5dcc4b774662bd431ee7e122cf6068"]) 00:39:39 executing program 2 (fault-call:0 fault-nth:45): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:39 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xfeffffffffffffff, 0xffffffffffffffff, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00') preadv(r1, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x2, 0x0) r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r2, &(0x7f0000000040)='system_u:object_r:var_spool_t:s0\x00', 0x21) fadvise64(r2, 0x81, 0x800, 0x4) mremap(&(0x7f0000425000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) r3 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) preadv(r0, &(0x7f0000000180)=[{&(0x7f0000001440)=""/4096, 0x1000}, {&(0x7f0000000740)=""/255, 0xff}, {&(0x7f0000000840)=""/177, 0xb1}, {&(0x7f0000000900)=""/142, 0x8e}], 0x4, 0xff, 0x16) write$selinux_attr(r3, &(0x7f0000000040)='system_u:object_r:var_spool_t:s0\x00', 0x21) r4 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r4, &(0x7f0000000040)='system_u:object_r:var_spool_t:s0\x00', 0x21) r5 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r5, &(0x7f0000000040)='system_u:object_r:var_spool_t:s0\x00', 0x21) r6 = syz_mount_image$nfs4(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x20, 0x1, &(0x7f0000000140)=[{&(0x7f0000000200)="9e13a777993be147f476875c1599d373451dfe5d09430108468038bbd6ae989d8128666736487c2d995316ef6ca1834920e7e1bec64182e5d08dd8af27a83150cd21ac8cbbcd86106d2611ca2155e8c6d123835d0efb8dc32271953b11581b070d7b322210863675283770a21574c9689fcc8c308d955631e582e81c48e6a1c753b67f4595bd3bb52fd6c8e65c48c14a683046be07fd886a65ff68f36e5c4f78a1a44f61e36c39bdc9209476791d1de9668c14c4ed569a4952cfafa6ee0c6280", 0xc0}], 0x800, &(0x7f00000002c0)={[{'|'}], [{@uid_lt={'uid<', 0xee01}}, {@measure}, {@uid_eq={'uid', 0x3d, 0xee01}}, {@dont_appraise}, {@hash}, {@fscontext={'fscontext', 0x3d, 'system_u'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000340)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) 00:39:39 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 107.032002][ T9632] sg_write: data in/out 1935898123/726 bytes for SCSI command 0x0-- guessing data in; [ 107.032002][ T9632] program syz-executor.4 not setting count and/or reply_len properly [ 107.047670][ T9638] loop5: detected capacity change from 0 to 131456 [ 107.056596][ T1040] loop0: p1 p2 p3 p4 [ 107.060704][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 107.066736][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 107.067599][ T9638] EXT4-fs (loop5): Unrecognized mount option "P{&±.õÙ@" or missing value 00:39:39 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r1, 0x941c, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') open(&(0x7f0000000000)='./bus\x00', 0x80, 0x182) [ 107.080255][ T9645] loop2: detected capacity change from 0 to 512 [ 107.085967][ T9644] loop1: detected capacity change from 0 to 264192 [ 107.090066][ T9645] FAULT_INJECTION: forcing a failure. [ 107.090066][ T9645] name failslab, interval 1, probability 0, space 0, times 0 [ 107.107014][ T9644] FAT-fs (loop1): bogus number of reserved sectors [ 107.107837][ T9645] CPU: 1 PID: 9645 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 107.114311][ T9644] FAT-fs (loop1): Can't find a valid FAT filesystem [ 107.122936][ T9645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.122950][ T9645] Call Trace: [ 107.122956][ T9645] dump_stack_lvl+0xb7/0x103 [ 107.142420][ T1040] loop0: p3 size 1912633224 extends beyond EOD, [ 107.142885][ T9645] dump_stack+0x11/0x1a [ 107.147478][ T1040] truncated [ 107.153757][ T9645] should_fail+0x23c/0x250 [ 107.159367][ T1040] loop0: p4 size 32768 extends beyond EOD, [ 107.161006][ T9645] ? kcalloc+0x32/0x50 [ 107.165443][ T1040] truncated 00:39:39 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) ioctl$SG_IO(r0, 0x2285, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 107.171286][ T9645] __should_failslab+0x81/0x90 [ 107.183153][ T9645] should_failslab+0x5/0x20 [ 107.187659][ T9645] __kmalloc+0x66/0x340 [ 107.191826][ T9645] ? kcalloc+0x32/0x50 [ 107.195967][ T9645] kcalloc+0x32/0x50 [ 107.199948][ T9645] ext4_find_extent+0x21c/0x7f0 [ 107.204919][ T9645] ext4_ext_map_blocks+0xd9/0x1f00 [ 107.210138][ T9645] ? __down_write_common+0x42/0x810 [ 107.215369][ T9645] ? __down_read_common+0x16d/0x530 [ 107.220607][ T9645] ? percpu_counter_add_batch+0x69/0xd0 [ 107.226158][ T9645] ? ext4_es_lookup_extent+0x206/0x490 [ 107.231659][ T9645] ext4_map_blocks+0x70d/0xef0 [ 107.236464][ T9645] ext4_getblk+0xb1/0x3d0 [ 107.240799][ T9645] ext4_bread+0x28/0x100 [ 107.245046][ T9645] ext4_append+0xd1/0x1c0 [ 107.249377][ T9645] ext4_init_new_dir+0x177/0x500 [ 107.254321][ T9645] ext4_mkdir+0x329/0x760 [ 107.258726][ T9645] vfs_mkdir+0x2a4/0x370 [ 107.262981][ T9645] do_mkdirat+0x11d/0x200 [ 107.267321][ T9645] __x64_sys_mkdir+0x32/0x40 [ 107.271917][ T9645] do_syscall_64+0x3d/0x90 [ 107.276374][ T9645] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.282304][ T9645] RIP: 0033:0x4656f7 [ 107.286179][ T9645] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.305854][ T9645] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 107.314267][ T9645] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 107.322223][ T9645] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 107.330179][ T9645] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 107.338138][ T9645] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 107.346095][ T9645] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 107.360262][ T1040] loop0: p1 p2 p3 p4 [ 107.375404][ T1040] loop0: p1 start 1 is beyond EOD, truncated 00:39:39 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000280)='\x00') openat(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f0000000100)={0x0, 0x2, 0x1}) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000200)=ANY=[], 0x208e24b) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) open(&(0x7f0000000180)='./file1\x00', 0x2, 0x1a0) sendfile(r3, r2, 0x0, 0x100000004) r4 = socket$netlink(0x10, 0x3, 0x2) r5 = fork() sendmsg$netlink(r4, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r5, 0xee01, 0xee00}}}], 0x20}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x880}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)={0x190, 0x0, 0x1, 0x201, 0x0, 0x0, {0x5}, [@CTA_LABELS_MASK={0x1c, 0x17, [0x9, 0x0, 0x5, 0x8, 0x3, 0x66f]}, @CTA_LABELS_MASK={0x10, 0x17, [0x7, 0x0, 0x40]}, @CTA_SEQ_ADJ_REPLY={0x2c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x401}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xfffffffb}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x7ff}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xb}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}, @CTA_PROTOINFO={0x8, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0x4}}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xe, 0x1, 'snmp_trap\x00'}}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2000}, @CTA_TUPLE_ORIG={0x98, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0xe}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010102}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}]}, @CTA_TUPLE_MASTER={0x58, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_ZONE={0x6}]}, 0x190}, 0x1, 0x0, 0x0, 0x24004010}, 0x4000000) 00:39:39 executing program 3: vmsplice(0xffffffffffffffff, &(0x7f00000008c0)=[{&(0x7f0000000640)="e4400f6582c934581505a8e843e88caaa637ff7c8a32d2c7474c407b8b95b133cfbaf775b5cb462a4d2f360c3719b75e5cbc5a1c3f3c8f90a5caa1d1eac399ee9bc7cc1b7ae474d2291e3e5a5b5754de5112ac9ff34d5754cebc0e85937a34810b2e23c17dbe53f31e2d4d61b13abbcb964d626744d360ffa067e59bf4cea8df953d9c1d857a659c364e75c9c37fdbe73e48649fdf5efccf35ca4840796644d6396706c36120910a678acbf55db0800b9f003f35b57b7a195c23b37daca88011a7e95acc1dc0a6aad1f8b4dad0acc4222720b2db473e0c552564de9a3f62f0b6ed523edb66240a1287d26c71d88b", 0xee}, {&(0x7f0000000740)="d91a323dcefe925adf5f5bdb9b90734711f1df86c95025901e1472cd34ec2eb8e108033c252d327c9ed848f24c51b3449c3dc5cae073e741c555ef93528715100a152fe64084bc3198fc6e389b28b66f548c2140d562d26dea9c48284ff03e97ca36b6a39dc2da6c1776cf20c8b889bf5761bc73a9bd1d748c15a110583b3ec8b6471b4527d792905e3437a4db4bbc78fd93c62a91dfa2845e2a03319a7c67a324ac6c656a0ae792b48eb4bcba04acc16d6df5ae62913b23a57dd15de0ca", 0xbe}, {&(0x7f0000000800)="65ddcb8385125455dd9987a9d8fbdf24e751de575dc12374ac8def20c05167bb737127e8baf8c30dd4863d8752bdfbee36cedc611fe05e645a7855059cf66fcc425d282eec7f38c2a91a94b1bc23868b048763d73c2b6a061cf8ed967f85fd90635202ae0d0bbe9f28d1cf34a69fd175a6293d878d0ef2106056218b2f75f8def79bfaf8aabe6dc28ec0b6b6c9ebfef0740acf9854efdecbd3589fa8334aecd06bc96b6bf3867b8eba60d9e63ed47fa730b87fd7", 0xb4}], 0x3, 0xe) r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) sendmsg$nl_netfilter(r1, &(0x7f00000005c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000100)={0x454, 0xe, 0x2, 0x5, 0x70bd26, 0x25dfdbfb, {0x1, 0x0, 0x4}, [@nested={0x18c, 0xe, 0x0, 0x1, [@generic="83469402ecde9999cbf709d8af5ae6ff32ac7171576998eeaff1aadda7", @generic="30fb03f3aefdb11f6e6661a42f0fdeebfc2f243c2de49a2b220ad19a5629b18941bd82c630e5845503f9cf46d649a468a7e37fbd8503ed534ffcf4138462f00c3381af790a8aed046b", @generic="d734fbd7f5e92adaf9b51218a9391cf824a9fc370fb202cce45c2520576ffc23224252b949b4edcc4a677547ec215259d9f59766738b46bb661c31d0a22cc4dd48f8e040e1bd6ec82136191e8ff4437e1150d6c9ab72b00fafdc38849d78623d373c2b685cd909e1d7d469b85a26e56da6b31f3c215f4aea69b8ddc9d5897d2db69e5c52b416de2cb9c48b97f8065a96453bde903072dc3fa66e6606", @generic="e8c3bd19d09603ad4ea441f7a0bfc39230b2b167bd7cdd842f512083f4e7fd040d747e710a42442b8da08e8451ed513391111e10605cb103a7d81b1f1767a6828f5b93ef3d6e2cab88a6eee5b38716de9d5e33df8addac14196e9b4d7599ac4a8b443e87a1624265e1fb16c939ac55bb48e85249d3f9", @typed={0x4, 0x66}, @typed={0x8, 0xc, 0x0, 0x0, @u32=0xffffffff}, @typed={0x4, 0x54}]}, @typed={0x4, 0x60}, @generic="9e1cbc481be397f9077a9b8a24b1623d074f3c2ad6c5241da116125a4115d2fe892992fe9f0409e1ff4e9546d8009acf97af9eb598f0b6911d10a80be297c402fc8272", @nested={0xb8, 0xa, 0x0, 0x1, [@typed={0xb1, 0x30, 0x0, 0x0, @binary="86b43adfc693cff664c85bcf19a394869861a6a4b8b7b49e9d0f510b69015731f2c8584673c57dc37038aa398ddabb1d0064576fde740970074b62170ab07284032e98674088b1ab91ee8ef8453312374f1e6c830689fd664489f2e96688b79c653613dfac35379f0ef9ea57c63d45021e763a21fd11d68620bd3202266e0fafafca9cd3c28034ef9acc302f74344bbbadb5f9d8cd4399871c1327a50347ed08088c0c142ced999c47dd1b1761"}]}, @typed={0xab, 0x89, 0x0, 0x0, @binary="ab0a467fe74ad1baac03725e6c297f6ed28ee35dc2b65dbe20db836bf4376b7c6d4609fb6209d03cfc5b8ce7ad7830984f8bd8c942fbb553f6400183cc8a1100614ce4700144429e16a4bb86025d326ed4b6678b0f487feef5dbd16f0eee56c4f4d083cb5f82818d3d1bcbc6ef67bbb66d0f1e821dd20bbd831d067de5171d0a2ef9400ac6d5e5bc87e6f00e1f30db47753152d3da5ee047753dc2a13f5f03b0f0bb7e6f8c06fa"}, @typed={0x8, 0xa, 0x0, 0x0, @ipv4=@broadcast}, @generic="0a09682699f606c54e554115797d09af18c6f164dc3b5b38718bb976074bcd382b640ffe11f8d0c724952642dc45d2a757652ca4a92f6ee98722dd659aee5890c56d6035e0054f10d4b570c51fbe59938ac5c00a47ab18f884aa183f9c3f06e942291001ac664663c24d0b4285bec21e96a6adbec48f6ed048e48f81f67d3f3ff3f784d0d92e24910e83333f5370b2891c666383197afdd70822648149ee52", @typed={0x8, 0x34, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x56, 0x25, 0x0, 0x0, @binary="193cdcd163b6a6f9d8c6151b0019e1d4083ff599bac53906b9def01e4cc8c874263ad6ad22d8312b88cd2a6c319a6e2dd7ab3d9991bbe3f489485161232844ba990e0abc5c6771b3a2bcc5213a4a67e1c093"}]}, 0x454}, 0x1, 0x0, 0x0, 0x4000185}, 0x40004) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') [ 107.381447][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 107.396880][ T9676] sg_write: data in/out 1935898123/726 bytes for SCSI command 0x0-- guessing data in; [ 107.396880][ T9676] program syz-executor.4 not setting count and/or reply_len properly [ 107.414992][ T9679] loop5: detected capacity change from 0 to 264192 00:39:39 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffe, 0x64, 0xc3, @buffer={0x0, 0x8e, &(0x7f00000003c0)=""/142}, &(0x7f00000004c0)="7026c65050cd1857441d5e1ebe480aab1033c9e5880236fc4639202982e372680ee8e81fe94e5c28cdd6d60976b8d93c009f688f3f1a7bdcc0e45d2dae521dcf9794c0d7b89902cdec93ed6bb7cc531d77c874c7883d656e233281fa2af7ebecd66028c2", &(0x7f0000000540)=""/114, 0x8, 0xd6f598426f0334fa, 0xffffffffffffffff, &(0x7f00000000c0)}) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 107.427283][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:39:40 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/raw6\x00') openat(r1, &(0x7f0000000240)='./bus\x00', 0x402042, 0x90) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, 0x0}, 0x10001) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r5}, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r8 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r8, 0x0}, 0x10001) r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r9}, 0x0) r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x408800, 0x0) mknodat(r10, &(0x7f00000001c0)='./bus\x00', 0x800, 0x0) syz_io_uring_submit(r2, r7, &(0x7f0000000140)=@IORING_OP_OPENAT={0x12, 0xccba995f3f0898d0, 0x0, r0, 0x0, &(0x7f0000000100)='./bus\x00', 0x100, 0x101800, 0x12345}, 0x5) fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00') sendfile(r0, 0xffffffffffffffff, &(0x7f00000000c0)=0x400, 0x555f) 00:39:40 executing program 0: set_mempolicy(0x3, &(0x7f0000000000)=0x7ff, 0x8) syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000100)='./file1\x00', 0x0, 0x28, 0x0, 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '=relative', @void}}}]}) [ 107.480376][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:40 executing program 2 (fault-call:0 fault-nth:46): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:40 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000080)='./bus\x00') 00:39:40 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:40 executing program 3: r0 = open(&(0x7f0000000380)='./file0\x00', 0x123802, 0x40) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x3, 0x8, 0x101, 0x0, 0x0, {0xc, 0x0, 0x7}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x800}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6001}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040801) r1 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1) sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r2, 0x10, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8, 0xf, 0x3f}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0xffff}, @ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x1ff}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x5}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x80}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0x400}]}, 0x54}, 0x1, 0x0, 0x0, 0x8004}, 0x40804) fcntl$setlease(r1, 0x400, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x400000, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_ASSOCIATE(r5, &(0x7f0000000bc0)={&(0x7f0000000ac0), 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB='3\f\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x28}}, 0x0) sendmsg$NL80211_CMD_DEL_PMK(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x38, r4, 0x2, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xfff, 0x67}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x4000010) r6 = socket$netlink(0x10, 0x3, 0x2) r7 = fork() sendmsg$netlink(r6, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r7, 0xee01, 0xee00}}}], 0x20}, 0x0) clock_gettime(0x0, &(0x7f00000064c0)={0x0, 0x0}) recvmmsg$unix(r0, &(0x7f0000006400)=[{{&(0x7f0000000800)=@abs, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000880)=""/27, 0x1b}, {&(0x7f00000008c0)=""/208, 0xd0}, {&(0x7f0000002c00)=""/4096, 0x1000}, {&(0x7f00000009c0)}], 0x4, &(0x7f0000000a40)=[@cred={{0x1c}}], 0x20}}, {{0x0, 0x0, &(0x7f0000005380)=[{&(0x7f0000004f80)=""/87, 0x57}, {&(0x7f0000005000)=""/82, 0x52}, {&(0x7f0000008680)=""/4096, 0x1000}, {&(0x7f0000000640)}, {&(0x7f0000005080)=""/87, 0x57}, {&(0x7f0000005100)=""/85, 0x55}, {&(0x7f0000005180)=""/160, 0xa0}, {&(0x7f0000005240)=""/152, 0x98}, {&(0x7f0000005300)=""/91, 0x5b}, {&(0x7f00000009c0)=""/50, 0x32}], 0xa}}, {{&(0x7f0000003c00), 0x6e, &(0x7f00000061c0)=[{&(0x7f0000003c80)=""/209, 0xd1}, {&(0x7f0000003d80)=""/4096, 0x1000}, {&(0x7f0000004d80)=""/107, 0x6b}, {&(0x7f0000004e00)=""/238, 0xee}, {&(0x7f0000004f00)=""/66, 0x42}, {&(0x7f0000000b00)=""/53, 0x35}, {&(0x7f0000007640)=""/4103, 0x1007}, {&(0x7f0000005f80)=""/233, 0xe9}, {&(0x7f0000006080)=""/66, 0x42}, {&(0x7f0000006100)=""/133, 0x85}], 0xa, &(0x7f0000006280)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x148}}], 0x3, 0x0, &(0x7f0000006500)={r8, r9+60000000}) r11 = syz_open_dev$loop(&(0x7f0000006580), 0x8001, 0x404500) r12 = eventfd2(0x1a2, 0x41801) [ 107.618738][ T9698] tmpfs: Bad value for 'mpol' [ 107.626446][ T9700] loop2: detected capacity change from 0 to 512 io_submit(0x0, 0x6, &(0x7f0000007600)=[&(0x7f0000000580)={0x0, 0x0, 0x0, 0x6, 0x9, r3, &(0x7f0000000500)="ebf15418cb098244dd622da741cfcc92b28a473477ee554ccb9a2222acaca55d9df578d02e6a0f675b79b182b9a543c6c23929f93ee3ab7ecec1220d8777ff9646c157a2630f79e6c156b3fc4b6e304a9346b767a5298b11", 0x58, 0x3, 0x0, 0x1, r0}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffffff, &(0x7f00000005c0)="f9b04ac825f5ed47decc495f247a65bd148880a3482515552bbc3d", 0x1b, 0x3, 0x0, 0x1, r0}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x2, 0x6, 0xffffffffffffffff, &(0x7f0000000c00)="311a0176779bb8a5782d5de466dc5ed53bbd72d0804cfdda61e469ade78cb6823934780cffa0b8be56c2bfb3335dccb98f486133d510d193eeba87d626ac1a9032f4a917ceb7886aa5ffa4eafcd3cd76421f94fbaa44bb87f2cb64d7188daaf411cf6fdd716c748a4aead70b5e85c5bb97bf06cd48215ce3ea828a85def05e999f7276f00510eff45d9e3eb754c6b609a95436d5a2adc2065a003923a18c808e4b0d1aa38f2665b7e1f31ed190a67170b6fb7a6035915beb624a9dee05dfb0b2973fa3ee021266706fbe6d5b6ed8ecfed2fac0f83bf4a412bcee8668fcd84f0a38590720bae502c9920b58a1091da5c8a0e2f55531de6d5ae5f592b7eafdbcc3060ff124c222eea9859e51116a91239e10d26e5a5e1ac3b992cb3f65c0e512c1e2fd843e7be9a54672b472832ad66e04794fd69f9d55c8a6a3a671a78c38644998c0c36c126d3a5bfbc2ba6ee402c96f4462b4d3bdadd71cc40b2ee960ff1ea0bc2f59354d06c2bf99706f782ded2f63ff523ea40a5b2ae4c3733787fb7d3f76e30dce429f658322cfe3d9f5bdce2b80a50d66cb024d163dcc3a8f97a225e1c0779f741d8c248a8f55feeed86509fe177752d7a50cf29cb800994bd909ebc59de5837a74fea4f008c36a6d623f8d4757e175d801d460becb60cd425cd841e1f368078e203a802e6258c8aa6c0b9c1de6d68d29d7ce53d31daf6719b26508fa1955028817fcb5017a209e528f52acd1fdde00c03bede817dbf1636b9b718e0c885c245beefda740d80fbe887c12884a3a3b63c1af377ef4cf14c102ee65fea30e00a421fd8918ebe303dd9717ce5b49b2a010545ffbc9fd21c2e26cb3488943fb8a46d82b6f7653504a21f094c5bed5595d2e00d9814be023a3021d5605e36f6997775e3d44c21a80a783266ae5c836cfbe4441a45270f971dc56baffa1d85f5e754f2534838ab7bb3d70248c6a709c23e00c9a1f6248ab7c5bb9d606650ffe10e6e72f4912807ce7a3d7a5a95fcfa65c5dec50c2965a88db8a4df04b539e27e6ca5865de12c4541c6a9e8496238f4b8a489fdd31cdfd87886291ec4bf88c2a68f4f130b9fe330bb410ce39aa59d778b014cf62bea858a163c4bd8c586e025e683d82efc24d535987995fbfd9745e8dde831d1d97e3a1bafcc7952685556192829443847c943a4786da6d620b0c0bc643f1f5f952dbf672d0d8969581148a1f4fc191351781e97282c013f4d6456b2854cef8a03746322fe61b8986b17ad780b756e26d7bc2279153d81685482d73e7e9b96e17fc930d68bd26182ab2a34911cf8f81b153128dccf43497c59e026b47a3c02922e2e25aa77bc76b59848b881158523942e825250744ecca3203f49472fd62248b3aa53c65405ada5fa1269f4589692c2ef028197c57bf6442ae197f1ecdf43023682b29012156fa3527bc0450c22abcbc6955588ddc87506a5155f7a3a1bbcc963dab9aec0b4e5ba742951e755e338e446062996065ce3220cbe6b65a40dd1584c3230b1fb954dcbc981a5551f6e5123d5817110312c57102322173486910bd1b52cf6757f7eef31fc81307241b46790df608dd71936e2b25e72ee588fe5082cc22ff99c564e62baf666551f4847929e69dde860a3fa4a4069939c512bb1b1891a5fab7f6a614db05eb46d082e88dda6ca0147ef16c9bbe2ff80eecfcb2dfe4e1ad1c0faf8fd7a04b0d274666d2ea9954915935abf19cb7001f4360e26f875213c4330649ab470a2137e663fe0a75c162d0fcbfbd0cc3804545695d6e03ceaad18161228b59ae7964e48678dd931c1965a7f2e2e53e917a86a098582830cfc5db1fb101d5e8955d57cf6153078a89eb15a9be27818fe2f40506123b7ad34b8451dbbaea75ebb2bf7d746a0e9d249843f4978777278a57d973df2865e09a95c2430b569e9966a3b1bdfabf4bdc3d5b41761986da1c68c5279d78a08cb839eba838b54eaa413650fb8494ea8c4dc5804045197658205ec3a50523c4f23077a197c0c93e9883d2d4ca295bfbcc47a6ffa09425e0413dd11377e611f60d1474de872d4797874fca03304043832d3cbe4315fc63968f926fa3cc7690794f9a34ca8ad09bc4881bc77a23687af7c4183851f4ced5ebc55a21c2cd524fabce4cb7798cbef5de657ce425ee33e88f7b2cfe8580fee30f2e16bff17318664fce1c9ebc3ffb4701995eacaaebff1228a9b17a6a11ad0144b945c1b3c7604b64d4516aae1425bae52468dc6a42952ba657c5e4ff7a7579f43742344ff56d97f388db9155bcab1fc089997e848d012fe478280a57512c9963e37a20b60d0313f262ed9709f27e21b472e66ac36c6a339715ebebc830089a4faf0f106871c76a4a44cd2bdb040468259512753b7f3e1f7916e81689deefd7da42aa4944d7fd4bce443557641af3648d37382cc43240fa181b285aeeeb7d3525081abef629186e290b2c8c401038fcfc5bf3789b5232dce16dd4145db128af22cec7bf6b80bca23f09803451e29ac88de16b6ffdc7b9981f2db7da91e52dd373d0d218a254e641d48b2d0ce3672d1af3bebdee603c8140acb5a0063711d0547dad8bfb63aa0a43730b1838cd7dd6e0088d658dccd4fe47af62dec62b10e52279a2312c5caf87ff89145b938fd1fbd79b8090f1aeb4d9f410d11bf8aaba639e02a5c82af90b2d99880ca9f8d03371de9b38cb107e0edd6567faec76821e9b3d493602c95fc9737c6e12e83770190bc385c49bc2cfe5e53178e768666fcf9c8bdf4d1f694fae5f668559b07dd9cde9457674a84efb01d2bc96aa819199da33793eaaa0fe5362abe087d055140226a1cce0663e6bb97abd02fb77d1accd852aae551dbab61ea075f7ce11e575ab1d7b6648a5a19c8a95dcb86e87b07fd4e5087a09cab37ee6e4d8b0a634a29562be2dc45ac39ad648e398696f11497122dfcbc4a9852e60bad6ccfa9047e96a9108ad95dd9974061fcc2501088c446a2d9b53c1a562af275b1e23aa16fc1a5853ea05c488f686561a9098167bb613e1148db50b05b2408165c61a28c22c6fd837a602653860517216f91e56433987140a7d34b598e0fa7fd8df5a4239b9649b8ba8d98061b2126d0bf4f419d334f6e8b1e69300fbc8f8eab83d7cd9b95479bd221aef5c1579cba4f650dd43deae6408cf05674d29f1955f5cfe15c41f84428b8317fce8ec2514646bbd9542f673bc1d450bc1f07cef76a6dd80e50847c9a2acb1d1ed4f436793f5365cbfee0db7286f539bf555a9f3efe57488e0abfca4df1499c84996b242f778b127def1cbcf8e9080dff452cd758190ff6052c2759b9e8a815adcc8209cfec9b2edb3ad68645b461bb9b8cf64a558df87dc6e650b88c1954cc764e0a311d1acee14b743d8cdd7ab3d81bd79945a0e29ab00d16da2a9c2f64942a8a8c9c2a0a0bee606c7de6233a7ea08fb7f12c35cb51c213c92615c715592e05e3c43fd6ec653d72609a4187f90ac70ca522392de6e1c93f47e2e2fc886b9adbd2f808cb9a69e92328caad54c237886b9f102dda3c4b024ea665088a6343b41e40285f402136d39647cbf0cfbc5a91e54461eefee742dde390455deaa2d3750cf46b417b2468cc2b15ef0b02f117c4d5dcd9d63d1e2a495c34548be35013d3de16cca5141eae7464477567d3578efcd41884052414ada5c0766c221e391b621acd4b80ce13b0bbd624d3946486b0fac0831e5db531d6928e481bf4dd90764962000750542e3756394dcecbc07957b54416eab568fb890c6c45d777a62396a6a46183c2e31570d446a417eec1ae5d61406512ef7235b778ae1970ec7cdc4b0979dd91887c97b814123451fa5c69ff1e5a1049ff324c9e577813d05be70d37bb2345349aae9f8ffb5aa6f344110dc136eb8c2e1c00d1e6db9bbf4b919ad83ca7aebf152534fbabdcf7a2e9fd89cb0b16ff67ce37f73daf2c77b9d3524a7866d839eb6f8305cf96822f80d384bc75b13cb50ca0ead026b84099b6bb2696e512c6baa72466808c83282d9a2f3acc60507a48a0a5e5fb09de9fc0b64fb9809b890ecb52ead55b6ac08709ffed97f3e289d771128c42fb3bebcf1c5aa17dcf3fa3cfdfb4c9978d18a7a2917f239e7bc2da35aecc9f364eab76c550e9081ccd1a15dc4eaf3b0a2ce40df6fb8902c060be3185ebc138ebebf30b75f06dfdd1c769c3fb3dc27ee2dc0d5492a3849fb6a0ee97d6866017f71675057f0a62ecde03a126655c64415719f12dd9cbb590bdc6aad54382bc9ad57d394f9d0224c18f738591ebb1681858261cb0574809956ecc0978bc5f9feb4ae096cdbfa62db8a112d2e900fac3a795246c7b119d020b6b5b453f738d5c149d69f798c5da0263c00d18008d1fad156c853a1fdb6954540ff8de6d8e55dac4fea2db9ec1de82a2a99e00146eba70fff60731ed64d79ca70f75eb2d7e532d31e9cc9e38b4274f4dd84ac76796dbec64077753f816d4fb65a46ed704899cb99b06b5b751f3d6e5fb06ee9f96b84c7b71b354ed1fdb1cc650eb744c16e9f4d2b46f1eda99de7d67ab11097c104c532752070f9cbed1aad3f262688854848e5c203424a2afe2dacf797d47173809d69db06c255dcb4eccd93ebd576b567a8c3729ba42930d9a2fa33d46d15d4189b5068f7deafe1d86312a03833dc0f6d250d4579a8ded856e70b8e6124b0702e289f12857e2a8baefe3f818150b11e1432144c2d9d1c2b3f3356d6df278930062c8b1e6c32cf9e2e36cdd5684ddde5eec194dc9264e7c15ab8aa4f5fed825760c3d7af009fa5eb88674b8802c74a92713d678b8f733a65e552ebaeee187ecc35759b2b047a963206834fad40a4dfc041ca38cd7342e2fa481dd90220c8981adbf20c1201b8338df7f9df620b7674f09ef58f2516ccd237cd0915c8fd176fd5ad24cefb80fc9ef5193de6b0f9f039353916eef7a5d32eb6bcb3c4c41c1920c48344947e3bd4ccc453151fe5df540215ce6c675d3ff079c131c37d4e5fbc76d47a529c741569e409a091322739df512e33d5aedf27b70f6640de43efbdaed01cc24a4dfc723a7e27028e3106f96f0d2ed995291e83eccf817b542d0d61bb631774da7729bdcdb0fac8fa8c61b349d5de6832f539763fc6c86f5083e5cda1a7fba00542195ff330ed35da51013b1f850e1d5ac28c5d090c80e5eb42d59a30f5dba21e77e1ddd53bec7fb672a264a36b75040b37e402a3f4228fa6aa8cae1224e8913b9b8f96c6e3dfb0de621902adae7000399f5cfc2f7120abe0240afcec78badb46058f858aeaa98546d485bf5bca46bae0f7ec9749e029378e32c334a666b2a2f8dc2e6e1b12b0230c691e0b0a89695e4edd44ea964aec02c274d054c94e6d9a952482928ec17772fe288b05a47de473c87de265021382f1770ce338d1a156f4664ace4f2182fd81ee1e691645341864a70c503ebd647c55ae86c8db6ae38dcc427030e0d9c8836e49e818e2d771cbc0374d12cde7fd8a9cc32e61cfc81eed79b99bed1825209e2c81f1bb19aab01521ae4bbcc13dcb87d44069b325ec90b437bc6d480b8894ba7f256cc4264b4f0a0db66aa57ff9007b1fd68d51c9edd372a2902aa316d24122595c7c13da8bf713a925172ef47d883e975b2dc10785050f33d8e89ffba11afa87f66826d1467ee9f843d19503c0f0d0fb70f5c39d3d2700bc560cfb672d7be6ac873c72671466a77ddac64f7150155bcdfd0f89e6a324655c6a60dffd1d2442e5e1248047c8b9ed6229ba3b4f64c68f8087c625a3757a2a0842c3fede04f82dbfd72705d47106db", 0x1000, 0x0, 0x0, 0x3, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x400, r6, &(0x7f0000001c00)="1262e9d025f7882919b012d41a2865e732c0cb53a2b438efeec12be7d6dd0ccaf540afeee0851da16da8a9d4f9d8e689cf2ef8944f481380871f6324ad91ca15e3a6d2c5929743b92a21344a17a58e3212e762a988315ff1e9f93a3262f1d74d316a23b654a60a81bd5a23ab267e6a99c31271190d3ec2ae8d59a0882e60d2e53de8e7894c5b632e0e780e7503a1ec04c3de5eedd3fd0802cd0600777da475052b366e7fecf892d92a5aa3d22d4d2e56b1dc144e759a8a57f543a090db0ddd2a5dbf1e36ccc39f931eb92e05f7d7f497d7b94972ba81b62ec596ef5ca1c7e33fd2284faf8fbfafb73dad3be20b5d87ef2de666a03f1cc93c10fedec0dd0f84600e80e711a927d7536d24f28a17777928e4cb37d7681602f4a24726221a222af165255a85f93ed9b0ee76b606826c33122cbcfcdf90206916a88701a90ca5654a2865a0069ddf30877d70ceb41e4b86dd069114a2eeebf2df7ec46957588949e53a456dba2b3264996a74a1eeaa77d41a4c9032a07ec8aaa36c77747a47d09cf357437590d229a6987f6cac1bef0c3dfbc4265fad6064562b383ca0607a2e76ed2dc149a9ca750ea2bb8e3425ddac1fdb290f6fd2458d656d35a780a38ccb920f7b2fd89614f4980ac25515908507871fd555da09e307e0b62be73c08cf0e22f622eb577ce6657d36ff25811ac1c775b78ffc0564d32dd3599642869b2bfbbae33dbb8f00374909f04a245c9a8b68a220062f041133a6802c152124bde2818eca853643aff85f558b4c795814030a13185fec685f19700fed042ba2dc201a134905214ff4738d938db512e1cfbab55c334d29485529d42b49fc3ce82dbe51f3983ff061399a76150b909098837fbd717ca506990f6f6321535b965c78ccb641ca5afb7e13259c6a184b154c6e522d596c224fd8c4d8e5a92eb7e2905aadb92221a296ecf244a41e804c6d86b805096188d58f6bd2da2a66f89bf6c09717b5fa51454cc5c378500e22c85953a622f7655521ec48e6d5d7a3266363dd44f057ecc408bcde26654635ef2e3a5c3faabb13e6d581d82b79ee674a3cff9cfebe36cca0eefe7bf15c6607feb43a15b4e95a526bbf5209059ac1a0fe33eab537a8689300df2466d0d5d23a9ee543271c94d6196684cfa8fe31ae8e1b213cd6f9dbe749e640ae9cf71fc8274c9b3f0eae39a709402f6cc18e103dc9a48b93d2bfdf3f166ab3343bf27c0027986eeec700a43779d86476c7c9509c6bb752b6b3b3a6aaafd6a2008c924d491310ca119cdfe400c86d8656db0f338fb2139f4dbf5914b87782d1c35675a4086c269e8597afa5339728b2b738dbde36849d44b5c4df414fee9cce424a96043fc4d16d3ce56a0eebcf46e178ec448c23f47a9a3cd39a77beeabc99977c1b0f7b6f2292107ecc502e53b0eb67693e8bbb716e2cce9ad76e20a940a71f2aa3a0889123d871257aabdd12f5b05dd1c07fc1d33ca535dda1807c69cd9a98e91ef933cb6353497b3a3e30886855ba2d49d7b6886686224bf62bb7cd3b51dc4b8f63aee58d40a25697c1519fd9e246126f25f222be8f22db39a9f38b47fcbf6df9d7192d14c8e72e5d28815f1c9ab7466e98fd2c3dba93aba9823202fe0fa726bf29a627b831aacbb7bdbac30fc30a5fa5035c36173b6ceebdf9f749ce8fd64b4f9cc61c6725811c790e70ebc4ac1a18804acf52696387b3560099cbd61814f1d351f342142edd39449db2cc94a26851b9fa25931f67cab5b22150b62941608b12e0f63c4090e6aa26c8d12a0d0c715c5500b8aa2605226a2c86734ff547d85aaee3aa3bbedbb3869fe0cfa97ed012f105ce07802c1999093c2fa52e5742762149118ee49c95f9dbff98e5d18bb9e37ebef59d592fc6318d6c912bf4902433e193900da5b6a0e361f5b23e9da3bc2a08c57ecbf8218ddda114ce8df28dd75d386fd62cf0d6f8a4d6c493fb5e4a9a05c408ba781861ff7d1fd6c6bb813f4100871c41d39c1280e1af40809b9987ceb7a5576eb7c149f407a4a79e06a004bd5f027f6d2ba9d2574a1b27650338793a50655b8c666ba8fbf840fcb825db9ff9e70c95807268c0572a87578e7972304de0de416fbdab94cbe190dfef4c896f942ffb9e030e365d3104a999b2eabd3d801c70bea29309db8d4f3fbede3f54fcd063e7005d6ddf49ac9cd2105f1d9c02ac80b338e5674780749f92c8efcf6b77c11aa9f64592d8ed69fe041728feeb0fcf2fbaae6d05097ed8699453be83a26b2336fe8e3964bfeb3f45fede9ae4dbe0f88d726d4e027cd1853bbad0165b7f45c2e7cea84e10eed193b2574cf1e182a2eba81eb730a969960bd6465640fdc8f9e28324be3b86dc6caa7ab85e064f23d7f96f4a5fd2ca3a2234ccd8daf74dd6ea631a470906534501eb4a9f65f93ddf824ad0cf27718fe939f43383c41bf04a3438a8493d75ba7a34902955687d184275564056a592acaf225303d4098a907881d774a007e89775dc3e97984e99b25b4c79f4d4fefb3a2671ca1fc2a391fbb84d13cb6c0c85bffb2f5caac94e2fca040017e9e331d0afd643d05ff2d2a92bf4b4169d53052b277c755eade42f7bbb630ee013d4a31cd9b13fb81eb02567de282c705b429ba4a9469964838f5c25e990aedd7f8bff47e38bc40eaa718451e9da23b9523c55178ac057840cda9b9fbfda4f57b4ed9cb0ce3c086a9cef86f12038c5190df22f461546ff90e7d6df3c128982dd61411a5b95b6a39d38e64989fbe0480adb02da6d7781da0695c28b1994f193156bdfc6d4fe75d3de8c5e6ef2ebcbb7df823fa5546266e1decaf717c07a3be53afdb004b68e1c7ab1b0001c24ff578376de5c97792ebe2f04034454a5231746397dcc0ebfa9e069e4e33e365439b619ac7c734229a50c7dbce64627a6ca74f39e7827f973f068f7279da681730a6afee8237e63a338702e6d58b7804c1c5b4295f5dfc2c2d7bb4857ee8cd37c042af73ddbb2d7b25237e24361b8620f251ba949e019e42fae85d3e9a4426e9c79e66112c480e86c262d3761e0bad1a2edeb87a36c8a21bd5f0a34f717d5ca6a0b379b6a01aa322e88bca6066eb41785dc3008f4d4bb60354f931e68243a9462de7eacb8dcef7b7e1b80f6e99c16802e65dcd8d67d4851dce9480615c165d8e699dab37be3142ed6c3cf088535d9504f758eb660fd3a704fbdf871b82421381589731d685fbceb8b92fbc7f5690e076b48d651f3c03e2e61b351f2fcddde3ba27c0e7b618086d26205abccb38348387434bc00e97ba4e5d113df00b03faa6218f1fead9be7b69db3ee25f8207d06249ab580c03e3ec81110525bc33141624111c59d33b635fdc85938b3fadfef3d2585d751a4ec12d9ad11d8c4010105044a5ec8732f74b5ed9fa32adde27db2f37139a079fd4af5f550984369fd9753b364fc97a20225f671b6483ad568e2db475085cd1a17ae3ea5c60be0c774c5b7941cf5ad09a064366f600a7be8f8a2f8815f7ef38c5b2b43db365f0adf8fa05b21686a0888952a12d360db9d41cd13f05c0598c1e93168687fc4fc13cb39a574bcca70883aa7c3532d808595bd89588e035d4b9e0b517faa791880413699ffdcb397024b90e12cf59aaba6e38e5788be68f7d0931023e641475bd0d7d8895911f23b233fec9c832921f84738f5bdcba8576bdc53d639ab4bec6c2bd068d6a921992b23f139f69f9bd5413fcf825fc775960764290cd6b18243bc7139a198dd1e26915f3bf0fd20605403531e5680e7482dab14d3bc11a89cae60900b21057f2434667ca39f6120c95998890871d7554ed4008058d937f704b9348d03822c576eaec355b0c558f36116571842c20bd67e1aa441115653807d1a9f0e8f4fd29ce5671ed864559f20ac2c485d8c42406f5a2cc355568f2b01b53390bfe6d238e4e8bbc611cf5d5333129bae4cb9bad2a8598c41a7a0912e7c7eb363d019b426ad9322663bca4ac32d6e25f83301371f35155de2fcdf24675e75477794efeaa418ee974f91aa478b06fb6f1e1e9fe05ebf326142b1b2f64c99be9a71b640a9ade2ece16df450713f98683778ff26975d40b7280573fa432cb6ddca37f591c27f3da5b1398372a46d573854a6c11d06541c25569ac61c3bda79c5452616321e07c092ab459c138157f95e39624eb50442828648ce1cfc64dda0e9da69ebe4cca319b890e5c51d8b8f6df4cd126c41fd621c9494339aa655b26acd0e2730dc44c411dbc8786cb540cb096e1dbec9ec71cd859056a1be52629f9415fcc48bc68ad99423be295bf858b422736c7bcb944eb4142b3840942be70c91d8d8a78e142e80893c7581efb040f565ecdebddfb811571e2ff2a15ac825760608a585021290d77a567dc7ea85744f7931d52215d5bcfd9474f42f117adcaff486bf6b32e9d985d37cfcd1cbeb5ab9a0c73f200673c9023be54a2d0bffa1f0e91180b8ba35bf9639f44f2b5104db70225189701b83e84b3da69c82cc93968bae9e93257d9aa75f660e617adab2b8bf049bbd8c5e0befeaaf17fe8799734c2ca3e5cb6433b68cad641bb16cc056f20479762b1a386d449319afbff40fd2f33d12b1b13e4c0ed9da804326f46f8ba37612bed06246865c2c0d3f86dd4b28c6e868b8ceadcaebf1f0f1baf6d2455db48268edae86cdfc9edf2868233e81353050b9dba8fa7e4ec1a622c3ee8df15983da6da730f1e9501f04fea3e0b7924604c1737f8bed4d2e8bae3c864dcb05b06746233250021244530032a71ad31d7ab07604acc29408e70ea1e6503b05fe6ecd10c18f340c25ecbb82de5fbea3725c1ad638532b0f39bb9a77955e4c86f756c2ce5f0f09b3baf255f5ac96d64b0a756b3ae56ac81d5f05270139d5f52d2c131f9d871ebdb1c55df86691c851122cd0fe527e9e0c74cc07b8d1d79185f2d70ab2e495db5eca8bca14cd658c2124660483a8e143ae20abfbec8138cae84367b4404a756757735b5263f500d7ddec10aa661d3b57e4e794648d1cbfb88423f0cc80bf46a11b1c62ce2e7476398913cfa93b546c42579a6a9a9fb798b84ee95c0dc59d4586ed143b7cb0dd3bb7f68934460beda77bcf60ce2e1531dfc71c4d6cd2120d2f913e55dabefb103e93270c1e674ffc5b1ff7dcc99c1ee824f0d075cc762fd2e971288e29579c23cc1e90cf31e67a5ee89a36c220536d45be54e0ad54b35280c217110ac84b12b8a688ffa74f1dcdc9d704950bc64ac9d04b2a5ec1d07fc4e56cbb8cddf31c02bc752e0406a709c213234689ef9b9ee3cbe38e9a1cfe868a9e19bdbf13e89509f4b721bf90f178fb9cf6159318004b614ec1b4b872284274a6fa6ab3c9a393462a28d54cb5d7fe3fefe9088cd50d02b1c9046251b89ec86a6ab8f8e342f2844e3d34bd401e963cf924a511064ed3ef7c929027a6496ac1aeb4ca975c9007af2eb86757ad5dbc504ad74ef7c53a231557312062ab6515d8bc1eac77de15e62b5b227066a4677632ba7ac5fe3e0840ccafecca35666c6ad2eab8ea0aa5c4d8677c4751482f52aafcc7e9ae926ba7dcebfebfe6bbac8229b5c0e706198c201340576be89f0c73f45874c6004e045e3853f94f3ff4530557b763f0fb2706a7501a4bfc7765fd7c3c81f5c9912f5095c502bde80cb1330375751984a25853afdb5720c12aa1320c79195cc2f244ccf8ce820d9f5204a8b6e7b4465aacffc94d0a56400de49800c2e7947d5a10c38813cecb947f001e0379c9f69bc60da6ba51320669439255747d889d1ae809c46db049ab5626ceb9af172849218f", 0x1000}, &(0x7f0000006540)={0x0, 0x0, 0x0, 0x7, 0x81, r3, &(0x7f0000000700)="4ebc107bf5f775905e737a74481adbf5899434f7f2011ce01aa1d76e40262653493516a62756fb41a4105f781e14ffa0318c60709a0d709ba7a6238cc93a76dc45e0c835a26763d6795a4e2872373304ed78460666a4573ea3de1d336438e26601716ca7b3bf10f304cf436f026fed48dbcaf26c54df3ababd79ec61258a079d8165e9efd4021fd91b7402489cdf160b4f86bfcc991fd9044f9443e13bb32751acf7d4b57e1d5e410b8f98d4268c38435ad141ac79e9159da17c2fd1880aae0425ab838c09bf0d979656ef15d14dd12c717304123c34a5c8d85546539f0e478e4aa19023e617a4931bdcde7a357e95d723754fc29464faac425c9bd11f59", 0xfe, 0x1, 0x0, 0x1, r10}, &(0x7f00000075c0)={0x0, 0x0, 0x0, 0x3, 0x400, r11, &(0x7f00000065c0)="847f227f43df3492996dde6387e83d317aa87b5604af37a5794565e95caae4d09ef136bf975237760b186532667fedba94bce1089a209c10ac17614672ad10d7fcee0339eb8c61d52e7972c1a7d853f3f212f0443256d77e92166ee126321e881a16959a0b09cc1ca42783c0102730511f77404ace68ae18f82b831bae7f8e81e2642fd73f8a9e63f0725d091cfd4eef803687333c69f2bd1b9aefb647d64d3520819ad9eba16154536ba6605ca1f0f4b5d506c210ea776b868f6f576350c6d3c6e8ebde53d6ae7cc8df3eb467d4cdc427d8266ca15b9d029e0dbd381e53ebf24782b77eea116cae5bdf6ec6165555d4b6f4e9a9fcf661c7c59e184d85262e2597e88b95e8dfbd1139b1950548572792e7896c9bc54946d9ead711bd80bb4c7614e1a9edc3ab62f7b56d4a352dcbad54bde6cd00b103a716b0c5d6df1ec8a577c2323d47f289f49e2f8632d549bb49f0ed083d8af8b72681ae33c807058813071a44bfe718e7d4f4dcd422fd7afa58aac05d7166dcb882b63141c800efe1af3bff249ceccd5a726d268fc1d90bc450db530ed6a2dc52c6d309b94bb350709d5c370e8129c35f500962afb6cb94c10ccbcaf7a50f29ae35c64fffad02fc2ec14a3185da78d661d6fc33500be87ba1a0d58d209fd862cebc5c6d22b18fac30864a9b43eb473dcf773415c23cabc87254bb4014206b75af6d5e9cb4b01b86a387db4063f2d885a73e4acbfb74e20800e418c1b92be54e6d330cf17b9df58bf2a30a2fbff6d046c7cb727b801ef5684ddc7be45db415321a0b00c16c24276ced82010cda8254c76b58a9885727704409e9b1bd7652e7619c60cfbadb80618aa36fce6f108780692d4abfee8d964ff042ba8db0959ac396508d4e3a42be7fa85fcbf79cf61c08b9132e8dcf97732f7fdd9c44f7e12d360c696b1e8587d633871c9b4dca5647c12f3e27f54c7c7af28ba4638f6f2753b47f9adde320d091dcfeb34926e26091b118f5cbd9edd2bfbd2a2d80e0c171cfa9e0847ace27b76cb9670a238239bcf8df630132adcfca2bce8dfa200681237627b12f8d93cf0478848116a7743ddbee0c0cd603c0c943140dbc77983cb1472602c2fc12c4d93b52d833cfd3ab00ac977fbcfceafceb2f2f04ca59b7cbe2562b972be4c9697f39b83d48534024fe9cdb9f269ec867e02f323b7cc1c238f5f6847e4a28321d48a0a4ac96722e8099480c3bc71fae99804fe1c9b8b1355758dcab4dcab0063497ff4a170b3cb9ce6e59835e6ff94742bb8477eb4a55b389de6af6ce0b6029df53a57692f724545e76342820c001089aa5b75c1feed00d895507e1407955bfd62814847f7b9eab7ed32e0f6c9b548fbab743ce0cd7575e0a8453c76d699babfd1bb6d3af9fd9697f055d5d9d0353f2a05ee990787db8e57791105fd5322ad53c661a7e7c3e2a565815034c3a870138f04285d00c468de1726be3ea17ba419d53c07645113c7dc1c9c18cc0fc6498f84615e523ce79d3a460cca085fa4d7959571e9dbfdb3550a4520ece9d6867a219df2cbce481af9c0f81381e07514e94fc651b914ab9df039d039ce8ce09258872fe19bd83adac7b8af039c52e5aa8fa2ba0151e456cbb5cbb65174eacf214962282b5b6f5b264e7b89d2b236eb5797bfa08afe0abe3d9cc56bf6460bebd3a630ab1367a15ba9ce0d511d5c81c8abd20d1c3762518e6c25e9f7d9adc884b6ec314ae63be6474c2352c5b136ef1a6bc28a2cafc76c2776ba24efb00a15b808097297a948fe6528c3c1e606133946a066e717728341d17951905b0ced8d18e13592021b8e00c0a20a2b9c57f68b7ccd565e459c1d461cebf90b4c3d2fc94030c851b8a2580346f3ebc5e823a9135a181df6720fd829e8bd89d56de1dc480e9fc802628224a6c4cd65557267685f64e98f535e8e4a440669756104d5c272a13285254c6a8309f0730773f4e4ac2ea9106384d4c396b95b67c7f278b9dd144ea5793f617d0442210c673279ebc43e5d8d7de00a2bb6df33d06a50bb63a07c3955341e2db38e21b28a59b054cb6e8df09e56d815352da27ac2dca616f59e103e4aa6cba521357eed198f8b6f759452a53fb74f8acaeadd670b17b049bb597cc619f046b5d4f74610dcc1f2b2c65f76f66e1aa767c200a21de77e19a94958953546c0f09172f84530ce8a2a35ab8af194be3d23048363d6088a9cc208cf38fd45320651f9c9c90e038261e9a38169a6afd9eb8823641f930d449a73b64e0982e39f47480c60a8efa1c43be14e7ee7c9ab214d1bd8c43a0c6ab762cad6d29c3c07d50d0e6786db4b186f478c97b30473ee554c5a5153dee42db85f24101da0abf4f2aff7e62315d3a0f8a21e0f32c23cb9263b1ea15b58f2057616ac5366c5aac4d7af0bd2c5ea0efa3d9152644d54158112950a7fe6c839bfb2c429ea13484f10591586b9b10d687d328b8bb9a35883cacdfd60ccf7058c4aa2d545ece4506383ee91df7ad62a3603a5769182fbf244c45dc9a0d1a3efb573ad923de908d23b5a9caec5cacf736c5bebf4df2705db21410743dd3803c486b166b871f3e3740fa870ef88093079bb122bdd52834fae535917cc22f1c125e074cdb74199ada721aea94c73317c6284bbd1067089d97740235a866eca8fa27a69036486fe2c0c00aad0c35f2766d50abe74d30f12dd5e18f95e23529a74ccf837116a93c9c78c44a4b6a6f50cb95715e8198e4747b930fab412e921f7ce4d0e813ace100fdb8ad0dc71389d90c5f21dcf6adb9903cbb62a94442b0d8a2d09e0687fae963826bff5481647e164f2f0b8acc726c90e9641f16f83ddfa4a506a68c04534f44586c7972943fd6eddc1493698a1d55f21a112bde0f1ce9c0b21b56e066df6320523782b99f87be7545fc5923fdd5df6f95786c2c9a164c3faf871ee2f38820bd4c526196be7c2e8fe6d72b19040f217f79846194f6fc06a42e41dd0b629dc171ddcbc746d596e8207e91746bd36b07a17e9249d9fc950b445421e806c39eabfc9e26eac96f45b27d1b2d4e338f32d9a32791da0bed803d7e29b3cdd854b36dbde5bcaa34affa02d1c6372d08aa8fb0e25236e2c1e904eda691c4c646a728d4485514c148a0b5ae582a0adfec2cd2c1c9ee79525f2198d0161dad25cc53235b26baff7be0f915282846578125fbffc36593c9aae5a9460993533e71e70fbeb36e6af3236e40f7bb41d60241b517253443707b370cd5452aeba36c34ebcaf5e38b5f74bd7859ffda151e520af9b97c06a8f5949094e3ef2ebde2c99855503f7480a41a6a71bef382e74f850ef10bab44baf2d48e0e759489fe003f9bd547586defc580bca07d13f3b407d2a11863ccb6f13001170c226fa4025f7ae9ae45f74a972ea247f3a3e8f1b73b8ae7a6c510911b5a503bfb3eac1832ba6398659e175217db688c611ae600d085c464f0952adca2b7cbf13cb0722a1fe4243f7ae31ea84bbcc551cd56b138046cba1083570f3171dfca17f6f106a1565351b16f227441a389af84006c568b46836d580c1a831589fb9b8e11c22e3fcf7516daf23ba43c5fde5714f54f1996d529c59cf27ff3322f017a9f659dd2173726a6eb5462f92531fc1d88ff1f5f1f374ac4482b9883862046c21e01ba09d87ce6bd5991f3a3df8813f5e911f961067eecee5364c8bcd05de5c43062af9d9727eef51213455bef9c276c47234e4b82651293a826f39c4b8800f05ecbbd67d4a6cf5eb208f8c6ec0929b3bbb794e1e5eaffb99ee6842466df0f9bcfe20af027a03e596dda2ee5cede6dbce7fa776d3cfe09e57d9d74c096cc9b3dfc825e218b2f1263cfc78e579bb96d7f12c7d29993a9b0589013e5eac026dd059e4d6261f58c2654c0d321020cd098ca93863ca383bd83a18440a2fc18683563ba7280a9d4b4f95145adc08740fa46a6d03e0bc5000507a31e8481ec878f96c119fdfa3dc02899ef0b441b533c8844c2c3401a4b2b41420592172623c214ab4e7daa98ef753ce56f919c4ef4a9411fc2a21716e3321fd368e25591b7097252beda925802f559bc5ed563227c2a3a510932705a6adf6d2a30ab2938799e60185e781c68783626d2477e721cd727aafdbe69b7cb987df2f8da576c84fe6ee29db9489fa7c39fc8b3980eee26f8a50bf9790d8ed58cd777254d4b788572a0c0b2fcca5d8f006b3d3da5bbc4f5e2af5b4c58dd7a9652d59201b47c32934449ccbb858c3436769bf2239a06d50a3081efc925f94236541931160dfa85e4b31e6720d3c5d13354d53d211c062358f414f4d0c2c5d558807a5a785d42dad79c29f8c538e281b135e5e429471d02a32a384354e78e6fae32422de2aa7363544dc51c525bb9b446bca27e93f375b58c68c74bc4304eea012335f9a93e7cab20637ea5dcaed3654655b2a735ae5a1eface16e8ca66b42aaceed81e1f5950555755ac2bb4f06ecf4372a2051416840d225eab9a7da05e977b87b081eb1b7317f5a2f76e6d1bbf23c1a41463b0526c4b10638782d787cb4100ad418bb606fcd6aaf6568bcf2adcbc2b6db4c66d386091d3750fc72cf91f19a812667dd0e5ccaf61416ab04cab249be16af8a5f0b4bc74f97f4e727f773c20161c609babc1808bfa7110918b980703325df5588b83e8296bb3918b2308cd3d3e7053de239eb97be3eec1b031cc4524f6e3b08dbe4824d03272569777d7ffb51a44df963cba5a03ec63511649f235f1d1a4be6882a37e9465601d5de6e6e1f557ca792620173417b1a5d0fdaf7fa2ce93d6d82e4beeeb3d33605ec44badecdf2a465bba4a5433dc0a815dada9e464ae676c17720e2b9d6ca993ddf0ee7731881b6eb3e50ba62dab31e57357e9fb4bf686f1c495f07cb7c20c9fe316310f33d607f3c4e8cb92a7fe021ad6d941b21a2344f606feea8c6a1f52d530a794029b36270bdbdff61861990a72d52726a5168792df3838c54f58e88688ec676eb562f0335f5df180482040736862ec2cc816e3e3b5e41433b9afa684a07c0a0b9826dc8f0ad51ba6d6fc6e9c0c734388ee655d3daaad9084de63af5d934a0d080f46db76cb76b2413b7bb8157b3f121c030c352cb6370230438f64346e531a3b42346b46ead5d5767c28634783c73e30acb7144a2c089b43273b8c0cc699a0bf7554fb4f0e30508c8dc9c2da5d5924fc2d2e9d15102b85026856d70642c4b194385412e0a99af91c818ef1b96eaf304ba82c7745bded46d9805cba13f830378738e64c19bceb6dd36d28d7268a44c0c40474792cba9afa9726b0a1cc1902a140f5dcc6121c1525573ae1c174fe01e59802d2dea8ca10eff57b2684f8b60d53c8843c920f4260235338664e8b7df759832ed9249448c30e43ec9431a4faea3973f709179125419b1a30905a9cda2b4c34e755524944d042530667cfe3acd3a03da7070e6fa4277e76508dc4f1c74497b92daa28466e716766fdaf753763eebf8a592423528c52e2c3b1cf89d544ffdeb3424566c93b4260585ea69416d80feb46fee9f6859d0b2b39fda21f7bcd76ca6d04994adf009bef99b15efc3530f5d1fcfbe249e2f4a6683f5c6c433a57580da3c92a25b69f121c9c9a16f352d6cb96162c9e8341bfe40d5e0d980e5fe4f5e0b62a077a22f1ea365cbeaa5b38844e8f6eb1e49fbf8774e54eca03bb2329c6ac85a4a34433298e2351f5a78b5552eeef5dc98bed4d5caf1c96232757696b0df64e137bc383d4d751a00afa72ed6e942868b604e01759318fa1ebeb964b7bd42beb8d1b4e0e97242b27854fe32fcd82bf4e", 0x1000, 0x5, 0x0, 0x2, r12}]) link(&(0x7f0000000240)='./file0\x00', &(0x7f00000000c0)='./file0\x00') [ 107.685532][ T9700] FAULT_INJECTION: forcing a failure. [ 107.685532][ T9700] name failslab, interval 1, probability 0, space 0, times 0 [ 107.698211][ T9700] CPU: 1 PID: 9700 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 107.706883][ T9700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.717020][ T9700] Call Trace: [ 107.720308][ T9700] dump_stack_lvl+0xb7/0x103 [ 107.720333][ T9700] dump_stack+0x11/0x1a [ 107.720349][ T9700] should_fail+0x23c/0x250 [ 107.720373][ T9700] ? ext4_mb_new_blocks+0x2e7/0x1f90 [ 107.720407][ T9700] __should_failslab+0x81/0x90 [ 107.720422][ T9700] should_failslab+0x5/0x20 [ 107.720438][ T9700] kmem_cache_alloc+0x46/0x2e0 [ 107.720459][ T9700] ext4_mb_new_blocks+0x2e7/0x1f90 [ 107.720482][ T9700] ? ext4_find_extent+0x6cf/0x7f0 [ 107.720586][ T9700] ? ext4_ext_search_right+0x300/0x540 [ 107.720612][ T9700] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 107.720632][ T9700] ext4_ext_map_blocks+0x1569/0x1f00 [ 107.720723][ T9700] ? __down_write_common+0x42/0x810 [ 107.720738][ T9700] ? __down_read_common+0x16d/0x530 [ 107.720754][ T9700] ? percpu_counter_add_batch+0x69/0xd0 [ 107.720804][ T9700] ? ext4_es_lookup_extent+0x206/0x490 [ 107.720823][ T9700] ext4_map_blocks+0x70d/0xef0 [ 107.720843][ T9700] ext4_getblk+0xb1/0x3d0 [ 107.720862][ T9700] ext4_bread+0x28/0x100 [ 107.720898][ T9700] ext4_append+0xd1/0x1c0 00:39:40 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:40 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = inotify_init1(0x80000) preadv(r1, &(0x7f0000000140)=[{&(0x7f0000000040)=""/47, 0x2f}, {&(0x7f0000000300)=""/225, 0xe1}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000000080)=""/92, 0x5c}], 0x4, 0x4, 0x9) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000005200010000000000000000000a000000100003"], 0x24}}, 0x0) write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r3, 0x0, r5, 0x0, 0x4ffe0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000290000000f000000000000000200000002000000008000000080000020000000d3f4655fd3f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000010200)="010000000000050008000000000000000000000004", 0x15, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x1000}, {&(0x7f0000011a00)="504d4d00504d4dff", 0x8, 0x8000}, {&(0x7f0000013b00)="ed41000000100000d3f4655fd3f4655fd3f4655f000000000000040008", 0x1d, 0x22080}], 0x0, &(0x7f0000014900)) 00:39:40 executing program 5: openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) 00:39:40 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x2583, 0x0) fcntl$setlease(r0, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80800, 0x10) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') 00:39:40 executing program 2 (fault-call:0 fault-nth:47): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 107.720913][ T9700] ext4_init_new_dir+0x177/0x500 [ 107.720929][ T9700] ext4_mkdir+0x329/0x760 [ 107.720944][ T9700] vfs_mkdir+0x2a4/0x370 [ 107.720962][ T9700] do_mkdirat+0x11d/0x200 [ 107.720984][ T9700] __x64_sys_mkdir+0x32/0x40 [ 107.721072][ T9700] do_syscall_64+0x3d/0x90 [ 107.721088][ T9700] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.721158][ T9700] RIP: 0033:0x4656f7 [ 107.721170][ T9700] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:39:40 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x804c3, 0x10) fcntl$setlease(r0, 0x400, 0x0) open$dir(&(0x7f0000000080)='./file0/file0\x00', 0x10201, 0x102) link(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) 00:39:40 executing program 5: r0 = open(&(0x7f0000000380)='./file0\x00', 0x123802, 0x40) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x3, 0x8, 0x101, 0x0, 0x0, {0xc, 0x0, 0x7}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x800}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6001}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040801) r1 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1) sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r2, 0x10, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8, 0xf, 0x3f}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0xffff}, @ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x1ff}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x5}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x80}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0x400}]}, 0x54}, 0x1, 0x0, 0x0, 0x8004}, 0x40804) fcntl$setlease(r1, 0x400, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x400000, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_ASSOCIATE(r5, &(0x7f0000000bc0)={&(0x7f0000000ac0), 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB='3\f\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x28}}, 0x0) sendmsg$NL80211_CMD_DEL_PMK(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x38, r4, 0x2, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xfff, 0x67}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x4000010) r6 = socket$netlink(0x10, 0x3, 0x2) r7 = fork() sendmsg$netlink(r6, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r7, 0xee01, 0xee00}}}], 0x20}, 0x0) clock_gettime(0x0, &(0x7f00000064c0)={0x0, 0x0}) recvmmsg$unix(r0, &(0x7f0000006400)=[{{&(0x7f0000000800)=@abs, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000880)=""/27, 0x1b}, {&(0x7f00000008c0)=""/208, 0xd0}, {&(0x7f0000002c00)=""/4096, 0x1000}, {&(0x7f00000009c0)}], 0x4, &(0x7f0000000a40)=[@cred={{0x1c}}], 0x20}}, {{0x0, 0x0, &(0x7f0000005380)=[{&(0x7f0000004f80)=""/87, 0x57}, {&(0x7f0000005000)=""/82, 0x52}, {&(0x7f0000008680)=""/4096, 0x1000}, {&(0x7f0000000640)}, {&(0x7f0000005080)=""/87, 0x57}, {&(0x7f0000005100)=""/85, 0x55}, {&(0x7f0000005180)=""/160, 0xa0}, {&(0x7f0000005240)=""/152, 0x98}, {&(0x7f0000005300)=""/91, 0x5b}, {&(0x7f00000009c0)=""/50, 0x32}], 0xa}}, {{&(0x7f0000003c00), 0x6e, &(0x7f00000061c0)=[{&(0x7f0000003c80)=""/209, 0xd1}, {&(0x7f0000003d80)=""/4096, 0x1000}, {&(0x7f0000004d80)=""/107, 0x6b}, {&(0x7f0000004e00)=""/238, 0xee}, {&(0x7f0000004f00)=""/66, 0x42}, {&(0x7f0000000b00)=""/53, 0x35}, {&(0x7f0000007640)=""/4103, 0x1007}, {&(0x7f0000005f80)=""/233, 0xe9}, {&(0x7f0000006080)=""/66, 0x42}, {&(0x7f0000006100)=""/133, 0x85}], 0xa, &(0x7f0000006280)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x148}}], 0x3, 0x0, &(0x7f0000006500)={r8, r9+60000000}) r11 = syz_open_dev$loop(&(0x7f0000006580), 0x8001, 0x404500) r12 = eventfd2(0x1a2, 0x41801) io_submit(0x0, 0x6, &(0x7f0000007600)=[&(0x7f0000000580)={0x0, 0x0, 0x0, 0x6, 0x9, r3, &(0x7f0000000500)="ebf15418cb098244dd622da741cfcc92b28a473477ee554ccb9a2222acaca55d9df578d02e6a0f675b79b182b9a543c6c23929f93ee3ab7ecec1220d8777ff9646c157a2630f79e6c156b3fc4b6e304a9346b767a5298b11", 0x58, 0x3, 0x0, 0x1, r0}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffffff, &(0x7f00000005c0)="f9b04ac825f5ed47decc495f247a65bd148880a3482515552bbc3d", 0x1b, 0x3, 0x0, 0x1, r0}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x2, 0x6, 0xffffffffffffffff, &(0x7f0000000c00)="311a0176779bb8a5782d5de466dc5ed53bbd72d0804cfdda61e469ade78cb6823934780cffa0b8be56c2bfb3335dccb98f486133d510d193eeba87d626ac1a9032f4a917ceb7886aa5ffa4eafcd3cd76421f94fbaa44bb87f2cb64d7188daaf411cf6fdd716c748a4aead70b5e85c5bb97bf06cd48215ce3ea828a85def05e999f7276f00510eff45d9e3eb754c6b609a95436d5a2adc2065a003923a18c808e4b0d1aa38f2665b7e1f31ed190a67170b6fb7a6035915beb624a9dee05dfb0b2973fa3ee021266706fbe6d5b6ed8ecfed2fac0f83bf4a412bcee8668fcd84f0a38590720bae502c9920b58a1091da5c8a0e2f55531de6d5ae5f592b7eafdbcc3060ff124c222eea9859e51116a91239e10d26e5a5e1ac3b992cb3f65c0e512c1e2fd843e7be9a54672b472832ad66e04794fd69f9d55c8a6a3a671a78c38644998c0c36c126d3a5bfbc2ba6ee402c96f4462b4d3bdadd71cc40b2ee960ff1ea0bc2f59354d06c2bf99706f782ded2f63ff523ea40a5b2ae4c3733787fb7d3f76e30dce429f658322cfe3d9f5bdce2b80a50d66cb024d163dcc3a8f97a225e1c0779f741d8c248a8f55feeed86509fe177752d7a50cf29cb800994bd909ebc59de5837a74fea4f008c36a6d623f8d4757e175d801d460becb60cd425cd841e1f368078e203a802e6258c8aa6c0b9c1de6d68d29d7ce53d31daf6719b26508fa1955028817fcb5017a209e528f52acd1fdde00c03bede817dbf1636b9b718e0c885c245beefda740d80fbe887c12884a3a3b63c1af377ef4cf14c102ee65fea30e00a421fd8918ebe303dd9717ce5b49b2a010545ffbc9fd21c2e26cb3488943fb8a46d82b6f7653504a21f094c5bed5595d2e00d9814be023a3021d5605e36f6997775e3d44c21a80a783266ae5c836cfbe4441a45270f971dc56baffa1d85f5e754f2534838ab7bb3d70248c6a709c23e00c9a1f6248ab7c5bb9d606650ffe10e6e72f4912807ce7a3d7a5a95fcfa65c5dec50c2965a88db8a4df04b539e27e6ca5865de12c4541c6a9e8496238f4b8a489fdd31cdfd87886291ec4bf88c2a68f4f130b9fe330bb410ce39aa59d778b014cf62bea858a163c4bd8c586e025e683d82efc24d535987995fbfd9745e8dde831d1d97e3a1bafcc7952685556192829443847c943a4786da6d620b0c0bc643f1f5f952dbf672d0d8969581148a1f4fc191351781e97282c013f4d6456b2854cef8a03746322fe61b8986b17ad780b756e26d7bc2279153d81685482d73e7e9b96e17fc930d68bd26182ab2a34911cf8f81b153128dccf43497c59e026b47a3c02922e2e25aa77bc76b59848b881158523942e825250744ecca3203f49472fd62248b3aa53c65405ada5fa1269f4589692c2ef028197c57bf6442ae197f1ecdf43023682b29012156fa3527bc0450c22abcbc6955588ddc87506a5155f7a3a1bbcc963dab9aec0b4e5ba742951e755e338e446062996065ce3220cbe6b65a40dd1584c3230b1fb954dcbc981a5551f6e5123d5817110312c57102322173486910bd1b52cf6757f7eef31fc81307241b46790df608dd71936e2b25e72ee588fe5082cc22ff99c564e62baf666551f4847929e69dde860a3fa4a4069939c512bb1b1891a5fab7f6a614db05eb46d082e88dda6ca0147ef16c9bbe2ff80eecfcb2dfe4e1ad1c0faf8fd7a04b0d274666d2ea9954915935abf19cb7001f4360e26f875213c4330649ab470a2137e663fe0a75c162d0fcbfbd0cc3804545695d6e03ceaad18161228b59ae7964e48678dd931c1965a7f2e2e53e917a86a098582830cfc5db1fb101d5e8955d57cf6153078a89eb15a9be27818fe2f40506123b7ad34b8451dbbaea75ebb2bf7d746a0e9d249843f4978777278a57d973df2865e09a95c2430b569e9966a3b1bdfabf4bdc3d5b41761986da1c68c5279d78a08cb839eba838b54eaa413650fb8494ea8c4dc5804045197658205ec3a50523c4f23077a197c0c93e9883d2d4ca295bfbcc47a6ffa09425e0413dd11377e611f60d1474de872d4797874fca03304043832d3cbe4315fc63968f926fa3cc7690794f9a34ca8ad09bc4881bc77a23687af7c4183851f4ced5ebc55a21c2cd524fabce4cb7798cbef5de657ce425ee33e88f7b2cfe8580fee30f2e16bff17318664fce1c9ebc3ffb4701995eacaaebff1228a9b17a6a11ad0144b945c1b3c7604b64d4516aae1425bae52468dc6a42952ba657c5e4ff7a7579f43742344ff56d97f388db9155bcab1fc089997e848d012fe478280a57512c9963e37a20b60d0313f262ed9709f27e21b472e66ac36c6a339715ebebc830089a4faf0f106871c76a4a44cd2bdb040468259512753b7f3e1f7916e81689deefd7da42aa4944d7fd4bce443557641af3648d37382cc43240fa181b285aeeeb7d3525081abef629186e290b2c8c401038fcfc5bf3789b5232dce16dd4145db128af22cec7bf6b80bca23f09803451e29ac88de16b6ffdc7b9981f2db7da91e52dd373d0d218a254e641d48b2d0ce3672d1af3bebdee603c8140acb5a0063711d0547dad8bfb63aa0a43730b1838cd7dd6e0088d658dccd4fe47af62dec62b10e52279a2312c5caf87ff89145b938fd1fbd79b8090f1aeb4d9f410d11bf8aaba639e02a5c82af90b2d99880ca9f8d03371de9b38cb107e0edd6567faec76821e9b3d493602c95fc9737c6e12e83770190bc385c49bc2cfe5e53178e768666fcf9c8bdf4d1f694fae5f668559b07dd9cde9457674a84efb01d2bc96aa819199da33793eaaa0fe5362abe087d055140226a1cce0663e6bb97abd02fb77d1accd852aae551dbab61ea075f7ce11e575ab1d7b6648a5a19c8a95dcb86e87b07fd4e5087a09cab37ee6e4d8b0a634a29562be2dc45ac39ad648e398696f11497122dfcbc4a9852e60bad6ccfa9047e96a9108ad95dd9974061fcc2501088c446a2d9b53c1a562af275b1e23aa16fc1a5853ea05c488f686561a9098167bb613e1148db50b05b2408165c61a28c22c6fd837a602653860517216f91e56433987140a7d34b598e0fa7fd8df5a4239b9649b8ba8d98061b2126d0bf4f419d334f6e8b1e69300fbc8f8eab83d7cd9b95479bd221aef5c1579cba4f650dd43deae6408cf05674d29f1955f5cfe15c41f84428b8317fce8ec2514646bbd9542f673bc1d450bc1f07cef76a6dd80e50847c9a2acb1d1ed4f436793f5365cbfee0db7286f539bf555a9f3efe57488e0abfca4df1499c84996b242f778b127def1cbcf8e9080dff452cd758190ff6052c2759b9e8a815adcc8209cfec9b2edb3ad68645b461bb9b8cf64a558df87dc6e650b88c1954cc764e0a311d1acee14b743d8cdd7ab3d81bd79945a0e29ab00d16da2a9c2f64942a8a8c9c2a0a0bee606c7de6233a7ea08fb7f12c35cb51c213c92615c715592e05e3c43fd6ec653d72609a4187f90ac70ca522392de6e1c93f47e2e2fc886b9adbd2f808cb9a69e92328caad54c237886b9f102dda3c4b024ea665088a6343b41e40285f402136d39647cbf0cfbc5a91e54461eefee742dde390455deaa2d3750cf46b417b2468cc2b15ef0b02f117c4d5dcd9d63d1e2a495c34548be35013d3de16cca5141eae7464477567d3578efcd41884052414ada5c0766c221e391b621acd4b80ce13b0bbd624d3946486b0fac0831e5db531d6928e481bf4dd90764962000750542e3756394dcecbc07957b54416eab568fb890c6c45d777a62396a6a46183c2e31570d446a417eec1ae5d61406512ef7235b778ae1970ec7cdc4b0979dd91887c97b814123451fa5c69ff1e5a1049ff324c9e577813d05be70d37bb2345349aae9f8ffb5aa6f344110dc136eb8c2e1c00d1e6db9bbf4b919ad83ca7aebf152534fbabdcf7a2e9fd89cb0b16ff67ce37f73daf2c77b9d3524a7866d839eb6f8305cf96822f80d384bc75b13cb50ca0ead026b84099b6bb2696e512c6baa72466808c83282d9a2f3acc60507a48a0a5e5fb09de9fc0b64fb9809b890ecb52ead55b6ac08709ffed97f3e289d771128c42fb3bebcf1c5aa17dcf3fa3cfdfb4c9978d18a7a2917f239e7bc2da35aecc9f364eab76c550e9081ccd1a15dc4eaf3b0a2ce40df6fb8902c060be3185ebc138ebebf30b75f06dfdd1c769c3fb3dc27ee2dc0d5492a3849fb6a0ee97d6866017f71675057f0a62ecde03a126655c64415719f12dd9cbb590bdc6aad54382bc9ad57d394f9d0224c18f738591ebb1681858261cb0574809956ecc0978bc5f9feb4ae096cdbfa62db8a112d2e900fac3a795246c7b119d020b6b5b453f738d5c149d69f798c5da0263c00d18008d1fad156c853a1fdb6954540ff8de6d8e55dac4fea2db9ec1de82a2a99e00146eba70fff60731ed64d79ca70f75eb2d7e532d31e9cc9e38b4274f4dd84ac76796dbec64077753f816d4fb65a46ed704899cb99b06b5b751f3d6e5fb06ee9f96b84c7b71b354ed1fdb1cc650eb744c16e9f4d2b46f1eda99de7d67ab11097c104c532752070f9cbed1aad3f262688854848e5c203424a2afe2dacf797d47173809d69db06c255dcb4eccd93ebd576b567a8c3729ba42930d9a2fa33d46d15d4189b5068f7deafe1d86312a03833dc0f6d250d4579a8ded856e70b8e6124b0702e289f12857e2a8baefe3f818150b11e1432144c2d9d1c2b3f3356d6df278930062c8b1e6c32cf9e2e36cdd5684ddde5eec194dc9264e7c15ab8aa4f5fed825760c3d7af009fa5eb88674b8802c74a92713d678b8f733a65e552ebaeee187ecc35759b2b047a963206834fad40a4dfc041ca38cd7342e2fa481dd90220c8981adbf20c1201b8338df7f9df620b7674f09ef58f2516ccd237cd0915c8fd176fd5ad24cefb80fc9ef5193de6b0f9f039353916eef7a5d32eb6bcb3c4c41c1920c48344947e3bd4ccc453151fe5df540215ce6c675d3ff079c131c37d4e5fbc76d47a529c741569e409a091322739df512e33d5aedf27b70f6640de43efbdaed01cc24a4dfc723a7e27028e3106f96f0d2ed995291e83eccf817b542d0d61bb631774da7729bdcdb0fac8fa8c61b349d5de6832f539763fc6c86f5083e5cda1a7fba00542195ff330ed35da51013b1f850e1d5ac28c5d090c80e5eb42d59a30f5dba21e77e1ddd53bec7fb672a264a36b75040b37e402a3f4228fa6aa8cae1224e8913b9b8f96c6e3dfb0de621902adae7000399f5cfc2f7120abe0240afcec78badb46058f858aeaa98546d485bf5bca46bae0f7ec9749e029378e32c334a666b2a2f8dc2e6e1b12b0230c691e0b0a89695e4edd44ea964aec02c274d054c94e6d9a952482928ec17772fe288b05a47de473c87de265021382f1770ce338d1a156f4664ace4f2182fd81ee1e691645341864a70c503ebd647c55ae86c8db6ae38dcc427030e0d9c8836e49e818e2d771cbc0374d12cde7fd8a9cc32e61cfc81eed79b99bed1825209e2c81f1bb19aab01521ae4bbcc13dcb87d44069b325ec90b437bc6d480b8894ba7f256cc4264b4f0a0db66aa57ff9007b1fd68d51c9edd372a2902aa316d24122595c7c13da8bf713a925172ef47d883e975b2dc10785050f33d8e89ffba11afa87f66826d1467ee9f843d19503c0f0d0fb70f5c39d3d2700bc560cfb672d7be6ac873c72671466a77ddac64f7150155bcdfd0f89e6a324655c6a60dffd1d2442e5e1248047c8b9ed6229ba3b4f64c68f8087c625a3757a2a0842c3fede04f82dbfd72705d47106db", 0x1000, 0x0, 0x0, 0x3, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x400, r6, &(0x7f0000001c00)="1262e9d025f7882919b012d41a2865e732c0cb53a2b438efeec12be7d6dd0ccaf540afeee0851da16da8a9d4f9d8e689cf2ef8944f481380871f6324ad91ca15e3a6d2c5929743b92a21344a17a58e3212e762a988315ff1e9f93a3262f1d74d316a23b654a60a81bd5a23ab267e6a99c31271190d3ec2ae8d59a0882e60d2e53de8e7894c5b632e0e780e7503a1ec04c3de5eedd3fd0802cd0600777da475052b366e7fecf892d92a5aa3d22d4d2e56b1dc144e759a8a57f543a090db0ddd2a5dbf1e36ccc39f931eb92e05f7d7f497d7b94972ba81b62ec596ef5ca1c7e33fd2284faf8fbfafb73dad3be20b5d87ef2de666a03f1cc93c10fedec0dd0f84600e80e711a927d7536d24f28a17777928e4cb37d7681602f4a24726221a222af165255a85f93ed9b0ee76b606826c33122cbcfcdf90206916a88701a90ca5654a2865a0069ddf30877d70ceb41e4b86dd069114a2eeebf2df7ec46957588949e53a456dba2b3264996a74a1eeaa77d41a4c9032a07ec8aaa36c77747a47d09cf357437590d229a6987f6cac1bef0c3dfbc4265fad6064562b383ca0607a2e76ed2dc149a9ca750ea2bb8e3425ddac1fdb290f6fd2458d656d35a780a38ccb920f7b2fd89614f4980ac25515908507871fd555da09e307e0b62be73c08cf0e22f622eb577ce6657d36ff25811ac1c775b78ffc0564d32dd3599642869b2bfbbae33dbb8f00374909f04a245c9a8b68a220062f041133a6802c152124bde2818eca853643aff85f558b4c795814030a13185fec685f19700fed042ba2dc201a134905214ff4738d938db512e1cfbab55c334d29485529d42b49fc3ce82dbe51f3983ff061399a76150b909098837fbd717ca506990f6f6321535b965c78ccb641ca5afb7e13259c6a184b154c6e522d596c224fd8c4d8e5a92eb7e2905aadb92221a296ecf244a41e804c6d86b805096188d58f6bd2da2a66f89bf6c09717b5fa51454cc5c378500e22c85953a622f7655521ec48e6d5d7a3266363dd44f057ecc408bcde26654635ef2e3a5c3faabb13e6d581d82b79ee674a3cff9cfebe36cca0eefe7bf15c6607feb43a15b4e95a526bbf5209059ac1a0fe33eab537a8689300df2466d0d5d23a9ee543271c94d6196684cfa8fe31ae8e1b213cd6f9dbe749e640ae9cf71fc8274c9b3f0eae39a709402f6cc18e103dc9a48b93d2bfdf3f166ab3343bf27c0027986eeec700a43779d86476c7c9509c6bb752b6b3b3a6aaafd6a2008c924d491310ca119cdfe400c86d8656db0f338fb2139f4dbf5914b87782d1c35675a4086c269e8597afa5339728b2b738dbde36849d44b5c4df414fee9cce424a96043fc4d16d3ce56a0eebcf46e178ec448c23f47a9a3cd39a77beeabc99977c1b0f7b6f2292107ecc502e53b0eb67693e8bbb716e2cce9ad76e20a940a71f2aa3a0889123d871257aabdd12f5b05dd1c07fc1d33ca535dda1807c69cd9a98e91ef933cb6353497b3a3e30886855ba2d49d7b6886686224bf62bb7cd3b51dc4b8f63aee58d40a25697c1519fd9e246126f25f222be8f22db39a9f38b47fcbf6df9d7192d14c8e72e5d28815f1c9ab7466e98fd2c3dba93aba9823202fe0fa726bf29a627b831aacbb7bdbac30fc30a5fa5035c36173b6ceebdf9f749ce8fd64b4f9cc61c6725811c790e70ebc4ac1a18804acf52696387b3560099cbd61814f1d351f342142edd39449db2cc94a26851b9fa25931f67cab5b22150b62941608b12e0f63c4090e6aa26c8d12a0d0c715c5500b8aa2605226a2c86734ff547d85aaee3aa3bbedbb3869fe0cfa97ed012f105ce07802c1999093c2fa52e5742762149118ee49c95f9dbff98e5d18bb9e37ebef59d592fc6318d6c912bf4902433e193900da5b6a0e361f5b23e9da3bc2a08c57ecbf8218ddda114ce8df28dd75d386fd62cf0d6f8a4d6c493fb5e4a9a05c408ba781861ff7d1fd6c6bb813f4100871c41d39c1280e1af40809b9987ceb7a5576eb7c149f407a4a79e06a004bd5f027f6d2ba9d2574a1b27650338793a50655b8c666ba8fbf840fcb825db9ff9e70c95807268c0572a87578e7972304de0de416fbdab94cbe190dfef4c896f942ffb9e030e365d3104a999b2eabd3d801c70bea29309db8d4f3fbede3f54fcd063e7005d6ddf49ac9cd2105f1d9c02ac80b338e5674780749f92c8efcf6b77c11aa9f64592d8ed69fe041728feeb0fcf2fbaae6d05097ed8699453be83a26b2336fe8e3964bfeb3f45fede9ae4dbe0f88d726d4e027cd1853bbad0165b7f45c2e7cea84e10eed193b2574cf1e182a2eba81eb730a969960bd6465640fdc8f9e28324be3b86dc6caa7ab85e064f23d7f96f4a5fd2ca3a2234ccd8daf74dd6ea631a470906534501eb4a9f65f93ddf824ad0cf27718fe939f43383c41bf04a3438a8493d75ba7a34902955687d184275564056a592acaf225303d4098a907881d774a007e89775dc3e97984e99b25b4c79f4d4fefb3a2671ca1fc2a391fbb84d13cb6c0c85bffb2f5caac94e2fca040017e9e331d0afd643d05ff2d2a92bf4b4169d53052b277c755eade42f7bbb630ee013d4a31cd9b13fb81eb02567de282c705b429ba4a9469964838f5c25e990aedd7f8bff47e38bc40eaa718451e9da23b9523c55178ac057840cda9b9fbfda4f57b4ed9cb0ce3c086a9cef86f12038c5190df22f461546ff90e7d6df3c128982dd61411a5b95b6a39d38e64989fbe0480adb02da6d7781da0695c28b1994f193156bdfc6d4fe75d3de8c5e6ef2ebcbb7df823fa5546266e1decaf717c07a3be53afdb004b68e1c7ab1b0001c24ff578376de5c97792ebe2f04034454a5231746397dcc0ebfa9e069e4e33e365439b619ac7c734229a50c7dbce64627a6ca74f39e7827f973f068f7279da681730a6afee8237e63a338702e6d58b7804c1c5b4295f5dfc2c2d7bb4857ee8cd37c042af73ddbb2d7b25237e24361b8620f251ba949e019e42fae85d3e9a4426e9c79e66112c480e86c262d3761e0bad1a2edeb87a36c8a21bd5f0a34f717d5ca6a0b379b6a01aa322e88bca6066eb41785dc3008f4d4bb60354f931e68243a9462de7eacb8dcef7b7e1b80f6e99c16802e65dcd8d67d4851dce9480615c165d8e699dab37be3142ed6c3cf088535d9504f758eb660fd3a704fbdf871b82421381589731d685fbceb8b92fbc7f5690e076b48d651f3c03e2e61b351f2fcddde3ba27c0e7b618086d26205abccb38348387434bc00e97ba4e5d113df00b03faa6218f1fead9be7b69db3ee25f8207d06249ab580c03e3ec81110525bc33141624111c59d33b635fdc85938b3fadfef3d2585d751a4ec12d9ad11d8c4010105044a5ec8732f74b5ed9fa32adde27db2f37139a079fd4af5f550984369fd9753b364fc97a20225f671b6483ad568e2db475085cd1a17ae3ea5c60be0c774c5b7941cf5ad09a064366f600a7be8f8a2f8815f7ef38c5b2b43db365f0adf8fa05b21686a0888952a12d360db9d41cd13f05c0598c1e93168687fc4fc13cb39a574bcca70883aa7c3532d808595bd89588e035d4b9e0b517faa791880413699ffdcb397024b90e12cf59aaba6e38e5788be68f7d0931023e641475bd0d7d8895911f23b233fec9c832921f84738f5bdcba8576bdc53d639ab4bec6c2bd068d6a921992b23f139f69f9bd5413fcf825fc775960764290cd6b18243bc7139a198dd1e26915f3bf0fd20605403531e5680e7482dab14d3bc11a89cae60900b21057f2434667ca39f6120c95998890871d7554ed4008058d937f704b9348d03822c576eaec355b0c558f36116571842c20bd67e1aa441115653807d1a9f0e8f4fd29ce5671ed864559f20ac2c485d8c42406f5a2cc355568f2b01b53390bfe6d238e4e8bbc611cf5d5333129bae4cb9bad2a8598c41a7a0912e7c7eb363d019b426ad9322663bca4ac32d6e25f83301371f35155de2fcdf24675e75477794efeaa418ee974f91aa478b06fb6f1e1e9fe05ebf326142b1b2f64c99be9a71b640a9ade2ece16df450713f98683778ff26975d40b7280573fa432cb6ddca37f591c27f3da5b1398372a46d573854a6c11d06541c25569ac61c3bda79c5452616321e07c092ab459c138157f95e39624eb50442828648ce1cfc64dda0e9da69ebe4cca319b890e5c51d8b8f6df4cd126c41fd621c9494339aa655b26acd0e2730dc44c411dbc8786cb540cb096e1dbec9ec71cd859056a1be52629f9415fcc48bc68ad99423be295bf858b422736c7bcb944eb4142b3840942be70c91d8d8a78e142e80893c7581efb040f565ecdebddfb811571e2ff2a15ac825760608a585021290d77a567dc7ea85744f7931d52215d5bcfd9474f42f117adcaff486bf6b32e9d985d37cfcd1cbeb5ab9a0c73f200673c9023be54a2d0bffa1f0e91180b8ba35bf9639f44f2b5104db70225189701b83e84b3da69c82cc93968bae9e93257d9aa75f660e617adab2b8bf049bbd8c5e0befeaaf17fe8799734c2ca3e5cb6433b68cad641bb16cc056f20479762b1a386d449319afbff40fd2f33d12b1b13e4c0ed9da804326f46f8ba37612bed06246865c2c0d3f86dd4b28c6e868b8ceadcaebf1f0f1baf6d2455db48268edae86cdfc9edf2868233e81353050b9dba8fa7e4ec1a622c3ee8df15983da6da730f1e9501f04fea3e0b7924604c1737f8bed4d2e8bae3c864dcb05b06746233250021244530032a71ad31d7ab07604acc29408e70ea1e6503b05fe6ecd10c18f340c25ecbb82de5fbea3725c1ad638532b0f39bb9a77955e4c86f756c2ce5f0f09b3baf255f5ac96d64b0a756b3ae56ac81d5f05270139d5f52d2c131f9d871ebdb1c55df86691c851122cd0fe527e9e0c74cc07b8d1d79185f2d70ab2e495db5eca8bca14cd658c2124660483a8e143ae20abfbec8138cae84367b4404a756757735b5263f500d7ddec10aa661d3b57e4e794648d1cbfb88423f0cc80bf46a11b1c62ce2e7476398913cfa93b546c42579a6a9a9fb798b84ee95c0dc59d4586ed143b7cb0dd3bb7f68934460beda77bcf60ce2e1531dfc71c4d6cd2120d2f913e55dabefb103e93270c1e674ffc5b1ff7dcc99c1ee824f0d075cc762fd2e971288e29579c23cc1e90cf31e67a5ee89a36c220536d45be54e0ad54b35280c217110ac84b12b8a688ffa74f1dcdc9d704950bc64ac9d04b2a5ec1d07fc4e56cbb8cddf31c02bc752e0406a709c213234689ef9b9ee3cbe38e9a1cfe868a9e19bdbf13e89509f4b721bf90f178fb9cf6159318004b614ec1b4b872284274a6fa6ab3c9a393462a28d54cb5d7fe3fefe9088cd50d02b1c9046251b89ec86a6ab8f8e342f2844e3d34bd401e963cf924a511064ed3ef7c929027a6496ac1aeb4ca975c9007af2eb86757ad5dbc504ad74ef7c53a231557312062ab6515d8bc1eac77de15e62b5b227066a4677632ba7ac5fe3e0840ccafecca35666c6ad2eab8ea0aa5c4d8677c4751482f52aafcc7e9ae926ba7dcebfebfe6bbac8229b5c0e706198c201340576be89f0c73f45874c6004e045e3853f94f3ff4530557b763f0fb2706a7501a4bfc7765fd7c3c81f5c9912f5095c502bde80cb1330375751984a25853afdb5720c12aa1320c79195cc2f244ccf8ce820d9f5204a8b6e7b4465aacffc94d0a56400de49800c2e7947d5a10c38813cecb947f001e0379c9f69bc60da6ba51320669439255747d889d1ae809c46db049ab5626ceb9af172849218f", 0x1000}, &(0x7f0000006540)={0x0, 0x0, 0x0, 0x7, 0x81, r3, &(0x7f0000000700)="4ebc107bf5f775905e737a74481adbf5899434f7f2011ce01aa1d76e40262653493516a62756fb41a4105f781e14ffa0318c60709a0d709ba7a6238cc93a76dc45e0c835a26763d6795a4e2872373304ed78460666a4573ea3de1d336438e26601716ca7b3bf10f304cf436f026fed48dbcaf26c54df3ababd79ec61258a079d8165e9efd4021fd91b7402489cdf160b4f86bfcc991fd9044f9443e13bb32751acf7d4b57e1d5e410b8f98d4268c38435ad141ac79e9159da17c2fd1880aae0425ab838c09bf0d979656ef15d14dd12c717304123c34a5c8d85546539f0e478e4aa19023e617a4931bdcde7a357e95d723754fc29464faac425c9bd11f59", 0xfe, 0x1, 0x0, 0x1, r10}, &(0x7f00000075c0)={0x0, 0x0, 0x0, 0x3, 0x400, r11, &(0x7f00000065c0)="847f227f43df3492996dde6387e83d317aa87b5604af37a5794565e95caae4d09ef136bf975237760b186532667fedba94bce1089a209c10ac17614672ad10d7fcee0339eb8c61d52e7972c1a7d853f3f212f0443256d77e92166ee126321e881a16959a0b09cc1ca42783c0102730511f77404ace68ae18f82b831bae7f8e81e2642fd73f8a9e63f0725d091cfd4eef803687333c69f2bd1b9aefb647d64d3520819ad9eba16154536ba6605ca1f0f4b5d506c210ea776b868f6f576350c6d3c6e8ebde53d6ae7cc8df3eb467d4cdc427d8266ca15b9d029e0dbd381e53ebf24782b77eea116cae5bdf6ec6165555d4b6f4e9a9fcf661c7c59e184d85262e2597e88b95e8dfbd1139b1950548572792e7896c9bc54946d9ead711bd80bb4c7614e1a9edc3ab62f7b56d4a352dcbad54bde6cd00b103a716b0c5d6df1ec8a577c2323d47f289f49e2f8632d549bb49f0ed083d8af8b72681ae33c807058813071a44bfe718e7d4f4dcd422fd7afa58aac05d7166dcb882b63141c800efe1af3bff249ceccd5a726d268fc1d90bc450db530ed6a2dc52c6d309b94bb350709d5c370e8129c35f500962afb6cb94c10ccbcaf7a50f29ae35c64fffad02fc2ec14a3185da78d661d6fc33500be87ba1a0d58d209fd862cebc5c6d22b18fac30864a9b43eb473dcf773415c23cabc87254bb4014206b75af6d5e9cb4b01b86a387db4063f2d885a73e4acbfb74e20800e418c1b92be54e6d330cf17b9df58bf2a30a2fbff6d046c7cb727b801ef5684ddc7be45db415321a0b00c16c24276ced82010cda8254c76b58a9885727704409e9b1bd7652e7619c60cfbadb80618aa36fce6f108780692d4abfee8d964ff042ba8db0959ac396508d4e3a42be7fa85fcbf79cf61c08b9132e8dcf97732f7fdd9c44f7e12d360c696b1e8587d633871c9b4dca5647c12f3e27f54c7c7af28ba4638f6f2753b47f9adde320d091dcfeb34926e26091b118f5cbd9edd2bfbd2a2d80e0c171cfa9e0847ace27b76cb9670a238239bcf8df630132adcfca2bce8dfa200681237627b12f8d93cf0478848116a7743ddbee0c0cd603c0c943140dbc77983cb1472602c2fc12c4d93b52d833cfd3ab00ac977fbcfceafceb2f2f04ca59b7cbe2562b972be4c9697f39b83d48534024fe9cdb9f269ec867e02f323b7cc1c238f5f6847e4a28321d48a0a4ac96722e8099480c3bc71fae99804fe1c9b8b1355758dcab4dcab0063497ff4a170b3cb9ce6e59835e6ff94742bb8477eb4a55b389de6af6ce0b6029df53a57692f724545e76342820c001089aa5b75c1feed00d895507e1407955bfd62814847f7b9eab7ed32e0f6c9b548fbab743ce0cd7575e0a8453c76d699babfd1bb6d3af9fd9697f055d5d9d0353f2a05ee990787db8e57791105fd5322ad53c661a7e7c3e2a565815034c3a870138f04285d00c468de1726be3ea17ba419d53c07645113c7dc1c9c18cc0fc6498f84615e523ce79d3a460cca085fa4d7959571e9dbfdb3550a4520ece9d6867a219df2cbce481af9c0f81381e07514e94fc651b914ab9df039d039ce8ce09258872fe19bd83adac7b8af039c52e5aa8fa2ba0151e456cbb5cbb65174eacf214962282b5b6f5b264e7b89d2b236eb5797bfa08afe0abe3d9cc56bf6460bebd3a630ab1367a15ba9ce0d511d5c81c8abd20d1c3762518e6c25e9f7d9adc884b6ec314ae63be6474c2352c5b136ef1a6bc28a2cafc76c2776ba24efb00a15b808097297a948fe6528c3c1e606133946a066e717728341d17951905b0ced8d18e13592021b8e00c0a20a2b9c57f68b7ccd565e459c1d461cebf90b4c3d2fc94030c851b8a2580346f3ebc5e823a9135a181df6720fd829e8bd89d56de1dc480e9fc802628224a6c4cd65557267685f64e98f535e8e4a440669756104d5c272a13285254c6a8309f0730773f4e4ac2ea9106384d4c396b95b67c7f278b9dd144ea5793f617d0442210c673279ebc43e5d8d7de00a2bb6df33d06a50bb63a07c3955341e2db38e21b28a59b054cb6e8df09e56d815352da27ac2dca616f59e103e4aa6cba521357eed198f8b6f759452a53fb74f8acaeadd670b17b049bb597cc619f046b5d4f74610dcc1f2b2c65f76f66e1aa767c200a21de77e19a94958953546c0f09172f84530ce8a2a35ab8af194be3d23048363d6088a9cc208cf38fd45320651f9c9c90e038261e9a38169a6afd9eb8823641f930d449a73b64e0982e39f47480c60a8efa1c43be14e7ee7c9ab214d1bd8c43a0c6ab762cad6d29c3c07d50d0e6786db4b186f478c97b30473ee554c5a5153dee42db85f24101da0abf4f2aff7e62315d3a0f8a21e0f32c23cb9263b1ea15b58f2057616ac5366c5aac4d7af0bd2c5ea0efa3d9152644d54158112950a7fe6c839bfb2c429ea13484f10591586b9b10d687d328b8bb9a35883cacdfd60ccf7058c4aa2d545ece4506383ee91df7ad62a3603a5769182fbf244c45dc9a0d1a3efb573ad923de908d23b5a9caec5cacf736c5bebf4df2705db21410743dd3803c486b166b871f3e3740fa870ef88093079bb122bdd52834fae535917cc22f1c125e074cdb74199ada721aea94c73317c6284bbd1067089d97740235a866eca8fa27a69036486fe2c0c00aad0c35f2766d50abe74d30f12dd5e18f95e23529a74ccf837116a93c9c78c44a4b6a6f50cb95715e8198e4747b930fab412e921f7ce4d0e813ace100fdb8ad0dc71389d90c5f21dcf6adb9903cbb62a94442b0d8a2d09e0687fae963826bff5481647e164f2f0b8acc726c90e9641f16f83ddfa4a506a68c04534f44586c7972943fd6eddc1493698a1d55f21a112bde0f1ce9c0b21b56e066df6320523782b99f87be7545fc5923fdd5df6f95786c2c9a164c3faf871ee2f38820bd4c526196be7c2e8fe6d72b19040f217f79846194f6fc06a42e41dd0b629dc171ddcbc746d596e8207e91746bd36b07a17e9249d9fc950b445421e806c39eabfc9e26eac96f45b27d1b2d4e338f32d9a32791da0bed803d7e29b3cdd854b36dbde5bcaa34affa02d1c6372d08aa8fb0e25236e2c1e904eda691c4c646a728d4485514c148a0b5ae582a0adfec2cd2c1c9ee79525f2198d0161dad25cc53235b26baff7be0f915282846578125fbffc36593c9aae5a9460993533e71e70fbeb36e6af3236e40f7bb41d60241b517253443707b370cd5452aeba36c34ebcaf5e38b5f74bd7859ffda151e520af9b97c06a8f5949094e3ef2ebde2c99855503f7480a41a6a71bef382e74f850ef10bab44baf2d48e0e759489fe003f9bd547586defc580bca07d13f3b407d2a11863ccb6f13001170c226fa4025f7ae9ae45f74a972ea247f3a3e8f1b73b8ae7a6c510911b5a503bfb3eac1832ba6398659e175217db688c611ae600d085c464f0952adca2b7cbf13cb0722a1fe4243f7ae31ea84bbcc551cd56b138046cba1083570f3171dfca17f6f106a1565351b16f227441a389af84006c568b46836d580c1a831589fb9b8e11c22e3fcf7516daf23ba43c5fde5714f54f1996d529c59cf27ff3322f017a9f659dd2173726a6eb5462f92531fc1d88ff1f5f1f374ac4482b9883862046c21e01ba09d87ce6bd5991f3a3df8813f5e911f961067eecee5364c8bcd05de5c43062af9d9727eef51213455bef9c276c47234e4b82651293a826f39c4b8800f05ecbbd67d4a6cf5eb208f8c6ec0929b3bbb794e1e5eaffb99ee6842466df0f9bcfe20af027a03e596dda2ee5cede6dbce7fa776d3cfe09e57d9d74c096cc9b3dfc825e218b2f1263cfc78e579bb96d7f12c7d29993a9b0589013e5eac026dd059e4d6261f58c2654c0d321020cd098ca93863ca383bd83a18440a2fc18683563ba7280a9d4b4f95145adc08740fa46a6d03e0bc5000507a31e8481ec878f96c119fdfa3dc02899ef0b441b533c8844c2c3401a4b2b41420592172623c214ab4e7daa98ef753ce56f919c4ef4a9411fc2a21716e3321fd368e25591b7097252beda925802f559bc5ed563227c2a3a510932705a6adf6d2a30ab2938799e60185e781c68783626d2477e721cd727aafdbe69b7cb987df2f8da576c84fe6ee29db9489fa7c39fc8b3980eee26f8a50bf9790d8ed58cd777254d4b788572a0c0b2fcca5d8f006b3d3da5bbc4f5e2af5b4c58dd7a9652d59201b47c32934449ccbb858c3436769bf2239a06d50a3081efc925f94236541931160dfa85e4b31e6720d3c5d13354d53d211c062358f414f4d0c2c5d558807a5a785d42dad79c29f8c538e281b135e5e429471d02a32a384354e78e6fae32422de2aa7363544dc51c525bb9b446bca27e93f375b58c68c74bc4304eea012335f9a93e7cab20637ea5dcaed3654655b2a735ae5a1eface16e8ca66b42aaceed81e1f5950555755ac2bb4f06ecf4372a2051416840d225eab9a7da05e977b87b081eb1b7317f5a2f76e6d1bbf23c1a41463b0526c4b10638782d787cb4100ad418bb606fcd6aaf6568bcf2adcbc2b6db4c66d386091d3750fc72cf91f19a812667dd0e5ccaf61416ab04cab249be16af8a5f0b4bc74f97f4e727f773c20161c609babc1808bfa7110918b980703325df5588b83e8296bb3918b2308cd3d3e7053de239eb97be3eec1b031cc4524f6e3b08dbe4824d03272569777d7ffb51a44df963cba5a03ec63511649f235f1d1a4be6882a37e9465601d5de6e6e1f557ca792620173417b1a5d0fdaf7fa2ce93d6d82e4beeeb3d33605ec44badecdf2a465bba4a5433dc0a815dada9e464ae676c17720e2b9d6ca993ddf0ee7731881b6eb3e50ba62dab31e57357e9fb4bf686f1c495f07cb7c20c9fe316310f33d607f3c4e8cb92a7fe021ad6d941b21a2344f606feea8c6a1f52d530a794029b36270bdbdff61861990a72d52726a5168792df3838c54f58e88688ec676eb562f0335f5df180482040736862ec2cc816e3e3b5e41433b9afa684a07c0a0b9826dc8f0ad51ba6d6fc6e9c0c734388ee655d3daaad9084de63af5d934a0d080f46db76cb76b2413b7bb8157b3f121c030c352cb6370230438f64346e531a3b42346b46ead5d5767c28634783c73e30acb7144a2c089b43273b8c0cc699a0bf7554fb4f0e30508c8dc9c2da5d5924fc2d2e9d15102b85026856d70642c4b194385412e0a99af91c818ef1b96eaf304ba82c7745bded46d9805cba13f830378738e64c19bceb6dd36d28d7268a44c0c40474792cba9afa9726b0a1cc1902a140f5dcc6121c1525573ae1c174fe01e59802d2dea8ca10eff57b2684f8b60d53c8843c920f4260235338664e8b7df759832ed9249448c30e43ec9431a4faea3973f709179125419b1a30905a9cda2b4c34e755524944d042530667cfe3acd3a03da7070e6fa4277e76508dc4f1c74497b92daa28466e716766fdaf753763eebf8a592423528c52e2c3b1cf89d544ffdeb3424566c93b4260585ea69416d80feb46fee9f6859d0b2b39fda21f7bcd76ca6d04994adf009bef99b15efc3530f5d1fcfbe249e2f4a6683f5c6c433a57580da3c92a25b69f121c9c9a16f352d6cb96162c9e8341bfe40d5e0d980e5fe4f5e0b62a077a22f1ea365cbeaa5b38844e8f6eb1e49fbf8774e54eca03bb2329c6ac85a4a34433298e2351f5a78b5552eeef5dc98bed4d5caf1c96232757696b0df64e137bc383d4d751a00afa72ed6e942868b604e01759318fa1ebeb964b7bd42beb8d1b4e0e97242b27854fe32fcd82bf4e", 0x1000, 0x5, 0x0, 0x2, r12}]) link(&(0x7f0000000240)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 00:39:40 executing program 2 (fault-call:0 fault-nth:48): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 107.721183][ T9700] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 107.721201][ T9700] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 00:39:40 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) r3 = accept4$inet(r0, 0x0, &(0x7f0000000000), 0x800) ioctl$FITHAW(r3, 0xc0045878) [ 107.721214][ T9700] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 107.721265][ T9700] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff 00:39:40 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:40 executing program 5: r0 = open(&(0x7f0000000380)='./file0\x00', 0x123802, 0x40) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x3, 0x8, 0x101, 0x0, 0x0, {0xc, 0x0, 0x7}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x800}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6001}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040801) r1 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1) sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r2, 0x10, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8, 0xf, 0x3f}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0xffff}, @ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x1ff}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x5}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x80}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0x400}]}, 0x54}, 0x1, 0x0, 0x0, 0x8004}, 0x40804) fcntl$setlease(r1, 0x400, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x400000, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_ASSOCIATE(r5, &(0x7f0000000bc0)={&(0x7f0000000ac0), 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB='3\f\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x28}}, 0x0) sendmsg$NL80211_CMD_DEL_PMK(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x38, r4, 0x2, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xfff, 0x67}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x4000010) r6 = socket$netlink(0x10, 0x3, 0x2) r7 = fork() sendmsg$netlink(r6, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r7, 0xee01, 0xee00}}}], 0x20}, 0x0) clock_gettime(0x0, &(0x7f00000064c0)={0x0, 0x0}) recvmmsg$unix(r0, &(0x7f0000006400)=[{{&(0x7f0000000800)=@abs, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000880)=""/27, 0x1b}, {&(0x7f00000008c0)=""/208, 0xd0}, {&(0x7f0000002c00)=""/4096, 0x1000}, {&(0x7f00000009c0)}], 0x4, &(0x7f0000000a40)=[@cred={{0x1c}}], 0x20}}, {{0x0, 0x0, &(0x7f0000005380)=[{&(0x7f0000004f80)=""/87, 0x57}, {&(0x7f0000005000)=""/82, 0x52}, {&(0x7f0000008680)=""/4096, 0x1000}, {&(0x7f0000000640)}, {&(0x7f0000005080)=""/87, 0x57}, {&(0x7f0000005100)=""/85, 0x55}, {&(0x7f0000005180)=""/160, 0xa0}, {&(0x7f0000005240)=""/152, 0x98}, {&(0x7f0000005300)=""/91, 0x5b}, {&(0x7f00000009c0)=""/50, 0x32}], 0xa}}, {{&(0x7f0000003c00), 0x6e, &(0x7f00000061c0)=[{&(0x7f0000003c80)=""/209, 0xd1}, {&(0x7f0000003d80)=""/4096, 0x1000}, {&(0x7f0000004d80)=""/107, 0x6b}, {&(0x7f0000004e00)=""/238, 0xee}, {&(0x7f0000004f00)=""/66, 0x42}, {&(0x7f0000000b00)=""/53, 0x35}, {&(0x7f0000007640)=""/4103, 0x1007}, {&(0x7f0000005f80)=""/233, 0xe9}, {&(0x7f0000006080)=""/66, 0x42}, {&(0x7f0000006100)=""/133, 0x85}], 0xa, &(0x7f0000006280)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x148}}], 0x3, 0x0, &(0x7f0000006500)={r8, r9+60000000}) r11 = syz_open_dev$loop(&(0x7f0000006580), 0x8001, 0x404500) r12 = eventfd2(0x1a2, 0x41801) io_submit(0x0, 0x6, &(0x7f0000007600)=[&(0x7f0000000580)={0x0, 0x0, 0x0, 0x6, 0x9, r3, &(0x7f0000000500)="ebf15418cb098244dd622da741cfcc92b28a473477ee554ccb9a2222acaca55d9df578d02e6a0f675b79b182b9a543c6c23929f93ee3ab7ecec1220d8777ff9646c157a2630f79e6c156b3fc4b6e304a9346b767a5298b11", 0x58, 0x3, 0x0, 0x1, r0}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffffff, &(0x7f00000005c0)="f9b04ac825f5ed47decc495f247a65bd148880a3482515552bbc3d", 0x1b, 0x3, 0x0, 0x1, r0}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x2, 0x6, 0xffffffffffffffff, &(0x7f0000000c00)="311a0176779bb8a5782d5de466dc5ed53bbd72d0804cfdda61e469ade78cb6823934780cffa0b8be56c2bfb3335dccb98f486133d510d193eeba87d626ac1a9032f4a917ceb7886aa5ffa4eafcd3cd76421f94fbaa44bb87f2cb64d7188daaf411cf6fdd716c748a4aead70b5e85c5bb97bf06cd48215ce3ea828a85def05e999f7276f00510eff45d9e3eb754c6b609a95436d5a2adc2065a003923a18c808e4b0d1aa38f2665b7e1f31ed190a67170b6fb7a6035915beb624a9dee05dfb0b2973fa3ee021266706fbe6d5b6ed8ecfed2fac0f83bf4a412bcee8668fcd84f0a38590720bae502c9920b58a1091da5c8a0e2f55531de6d5ae5f592b7eafdbcc3060ff124c222eea9859e51116a91239e10d26e5a5e1ac3b992cb3f65c0e512c1e2fd843e7be9a54672b472832ad66e04794fd69f9d55c8a6a3a671a78c38644998c0c36c126d3a5bfbc2ba6ee402c96f4462b4d3bdadd71cc40b2ee960ff1ea0bc2f59354d06c2bf99706f782ded2f63ff523ea40a5b2ae4c3733787fb7d3f76e30dce429f658322cfe3d9f5bdce2b80a50d66cb024d163dcc3a8f97a225e1c0779f741d8c248a8f55feeed86509fe177752d7a50cf29cb800994bd909ebc59de5837a74fea4f008c36a6d623f8d4757e175d801d460becb60cd425cd841e1f368078e203a802e6258c8aa6c0b9c1de6d68d29d7ce53d31daf6719b26508fa1955028817fcb5017a209e528f52acd1fdde00c03bede817dbf1636b9b718e0c885c245beefda740d80fbe887c12884a3a3b63c1af377ef4cf14c102ee65fea30e00a421fd8918ebe303dd9717ce5b49b2a010545ffbc9fd21c2e26cb3488943fb8a46d82b6f7653504a21f094c5bed5595d2e00d9814be023a3021d5605e36f6997775e3d44c21a80a783266ae5c836cfbe4441a45270f971dc56baffa1d85f5e754f2534838ab7bb3d70248c6a709c23e00c9a1f6248ab7c5bb9d606650ffe10e6e72f4912807ce7a3d7a5a95fcfa65c5dec50c2965a88db8a4df04b539e27e6ca5865de12c4541c6a9e8496238f4b8a489fdd31cdfd87886291ec4bf88c2a68f4f130b9fe330bb410ce39aa59d778b014cf62bea858a163c4bd8c586e025e683d82efc24d535987995fbfd9745e8dde831d1d97e3a1bafcc7952685556192829443847c943a4786da6d620b0c0bc643f1f5f952dbf672d0d8969581148a1f4fc191351781e97282c013f4d6456b2854cef8a03746322fe61b8986b17ad780b756e26d7bc2279153d81685482d73e7e9b96e17fc930d68bd26182ab2a34911cf8f81b153128dccf43497c59e026b47a3c02922e2e25aa77bc76b59848b881158523942e825250744ecca3203f49472fd62248b3aa53c65405ada5fa1269f4589692c2ef028197c57bf6442ae197f1ecdf43023682b29012156fa3527bc0450c22abcbc6955588ddc87506a5155f7a3a1bbcc963dab9aec0b4e5ba742951e755e338e446062996065ce3220cbe6b65a40dd1584c3230b1fb954dcbc981a5551f6e5123d5817110312c57102322173486910bd1b52cf6757f7eef31fc81307241b46790df608dd71936e2b25e72ee588fe5082cc22ff99c564e62baf666551f4847929e69dde860a3fa4a4069939c512bb1b1891a5fab7f6a614db05eb46d082e88dda6ca0147ef16c9bbe2ff80eecfcb2dfe4e1ad1c0faf8fd7a04b0d274666d2ea9954915935abf19cb7001f4360e26f875213c4330649ab470a2137e663fe0a75c162d0fcbfbd0cc3804545695d6e03ceaad18161228b59ae7964e48678dd931c1965a7f2e2e53e917a86a098582830cfc5db1fb101d5e8955d57cf6153078a89eb15a9be27818fe2f40506123b7ad34b8451dbbaea75ebb2bf7d746a0e9d249843f4978777278a57d973df2865e09a95c2430b569e9966a3b1bdfabf4bdc3d5b41761986da1c68c5279d78a08cb839eba838b54eaa413650fb8494ea8c4dc5804045197658205ec3a50523c4f23077a197c0c93e9883d2d4ca295bfbcc47a6ffa09425e0413dd11377e611f60d1474de872d4797874fca03304043832d3cbe4315fc63968f926fa3cc7690794f9a34ca8ad09bc4881bc77a23687af7c4183851f4ced5ebc55a21c2cd524fabce4cb7798cbef5de657ce425ee33e88f7b2cfe8580fee30f2e16bff17318664fce1c9ebc3ffb4701995eacaaebff1228a9b17a6a11ad0144b945c1b3c7604b64d4516aae1425bae52468dc6a42952ba657c5e4ff7a7579f43742344ff56d97f388db9155bcab1fc089997e848d012fe478280a57512c9963e37a20b60d0313f262ed9709f27e21b472e66ac36c6a339715ebebc830089a4faf0f106871c76a4a44cd2bdb040468259512753b7f3e1f7916e81689deefd7da42aa4944d7fd4bce443557641af3648d37382cc43240fa181b285aeeeb7d3525081abef629186e290b2c8c401038fcfc5bf3789b5232dce16dd4145db128af22cec7bf6b80bca23f09803451e29ac88de16b6ffdc7b9981f2db7da91e52dd373d0d218a254e641d48b2d0ce3672d1af3bebdee603c8140acb5a0063711d0547dad8bfb63aa0a43730b1838cd7dd6e0088d658dccd4fe47af62dec62b10e52279a2312c5caf87ff89145b938fd1fbd79b8090f1aeb4d9f410d11bf8aaba639e02a5c82af90b2d99880ca9f8d03371de9b38cb107e0edd6567faec76821e9b3d493602c95fc9737c6e12e83770190bc385c49bc2cfe5e53178e768666fcf9c8bdf4d1f694fae5f668559b07dd9cde9457674a84efb01d2bc96aa819199da33793eaaa0fe5362abe087d055140226a1cce0663e6bb97abd02fb77d1accd852aae551dbab61ea075f7ce11e575ab1d7b6648a5a19c8a95dcb86e87b07fd4e5087a09cab37ee6e4d8b0a634a29562be2dc45ac39ad648e398696f11497122dfcbc4a9852e60bad6ccfa9047e96a9108ad95dd9974061fcc2501088c446a2d9b53c1a562af275b1e23aa16fc1a5853ea05c488f686561a9098167bb613e1148db50b05b2408165c61a28c22c6fd837a602653860517216f91e56433987140a7d34b598e0fa7fd8df5a4239b9649b8ba8d98061b2126d0bf4f419d334f6e8b1e69300fbc8f8eab83d7cd9b95479bd221aef5c1579cba4f650dd43deae6408cf05674d29f1955f5cfe15c41f84428b8317fce8ec2514646bbd9542f673bc1d450bc1f07cef76a6dd80e50847c9a2acb1d1ed4f436793f5365cbfee0db7286f539bf555a9f3efe57488e0abfca4df1499c84996b242f778b127def1cbcf8e9080dff452cd758190ff6052c2759b9e8a815adcc8209cfec9b2edb3ad68645b461bb9b8cf64a558df87dc6e650b88c1954cc764e0a311d1acee14b743d8cdd7ab3d81bd79945a0e29ab00d16da2a9c2f64942a8a8c9c2a0a0bee606c7de6233a7ea08fb7f12c35cb51c213c92615c715592e05e3c43fd6ec653d72609a4187f90ac70ca522392de6e1c93f47e2e2fc886b9adbd2f808cb9a69e92328caad54c237886b9f102dda3c4b024ea665088a6343b41e40285f402136d39647cbf0cfbc5a91e54461eefee742dde390455deaa2d3750cf46b417b2468cc2b15ef0b02f117c4d5dcd9d63d1e2a495c34548be35013d3de16cca5141eae7464477567d3578efcd41884052414ada5c0766c221e391b621acd4b80ce13b0bbd624d3946486b0fac0831e5db531d6928e481bf4dd90764962000750542e3756394dcecbc07957b54416eab568fb890c6c45d777a62396a6a46183c2e31570d446a417eec1ae5d61406512ef7235b778ae1970ec7cdc4b0979dd91887c97b814123451fa5c69ff1e5a1049ff324c9e577813d05be70d37bb2345349aae9f8ffb5aa6f344110dc136eb8c2e1c00d1e6db9bbf4b919ad83ca7aebf152534fbabdcf7a2e9fd89cb0b16ff67ce37f73daf2c77b9d3524a7866d839eb6f8305cf96822f80d384bc75b13cb50ca0ead026b84099b6bb2696e512c6baa72466808c83282d9a2f3acc60507a48a0a5e5fb09de9fc0b64fb9809b890ecb52ead55b6ac08709ffed97f3e289d771128c42fb3bebcf1c5aa17dcf3fa3cfdfb4c9978d18a7a2917f239e7bc2da35aecc9f364eab76c550e9081ccd1a15dc4eaf3b0a2ce40df6fb8902c060be3185ebc138ebebf30b75f06dfdd1c769c3fb3dc27ee2dc0d5492a3849fb6a0ee97d6866017f71675057f0a62ecde03a126655c64415719f12dd9cbb590bdc6aad54382bc9ad57d394f9d0224c18f738591ebb1681858261cb0574809956ecc0978bc5f9feb4ae096cdbfa62db8a112d2e900fac3a795246c7b119d020b6b5b453f738d5c149d69f798c5da0263c00d18008d1fad156c853a1fdb6954540ff8de6d8e55dac4fea2db9ec1de82a2a99e00146eba70fff60731ed64d79ca70f75eb2d7e532d31e9cc9e38b4274f4dd84ac76796dbec64077753f816d4fb65a46ed704899cb99b06b5b751f3d6e5fb06ee9f96b84c7b71b354ed1fdb1cc650eb744c16e9f4d2b46f1eda99de7d67ab11097c104c532752070f9cbed1aad3f262688854848e5c203424a2afe2dacf797d47173809d69db06c255dcb4eccd93ebd576b567a8c3729ba42930d9a2fa33d46d15d4189b5068f7deafe1d86312a03833dc0f6d250d4579a8ded856e70b8e6124b0702e289f12857e2a8baefe3f818150b11e1432144c2d9d1c2b3f3356d6df278930062c8b1e6c32cf9e2e36cdd5684ddde5eec194dc9264e7c15ab8aa4f5fed825760c3d7af009fa5eb88674b8802c74a92713d678b8f733a65e552ebaeee187ecc35759b2b047a963206834fad40a4dfc041ca38cd7342e2fa481dd90220c8981adbf20c1201b8338df7f9df620b7674f09ef58f2516ccd237cd0915c8fd176fd5ad24cefb80fc9ef5193de6b0f9f039353916eef7a5d32eb6bcb3c4c41c1920c48344947e3bd4ccc453151fe5df540215ce6c675d3ff079c131c37d4e5fbc76d47a529c741569e409a091322739df512e33d5aedf27b70f6640de43efbdaed01cc24a4dfc723a7e27028e3106f96f0d2ed995291e83eccf817b542d0d61bb631774da7729bdcdb0fac8fa8c61b349d5de6832f539763fc6c86f5083e5cda1a7fba00542195ff330ed35da51013b1f850e1d5ac28c5d090c80e5eb42d59a30f5dba21e77e1ddd53bec7fb672a264a36b75040b37e402a3f4228fa6aa8cae1224e8913b9b8f96c6e3dfb0de621902adae7000399f5cfc2f7120abe0240afcec78badb46058f858aeaa98546d485bf5bca46bae0f7ec9749e029378e32c334a666b2a2f8dc2e6e1b12b0230c691e0b0a89695e4edd44ea964aec02c274d054c94e6d9a952482928ec17772fe288b05a47de473c87de265021382f1770ce338d1a156f4664ace4f2182fd81ee1e691645341864a70c503ebd647c55ae86c8db6ae38dcc427030e0d9c8836e49e818e2d771cbc0374d12cde7fd8a9cc32e61cfc81eed79b99bed1825209e2c81f1bb19aab01521ae4bbcc13dcb87d44069b325ec90b437bc6d480b8894ba7f256cc4264b4f0a0db66aa57ff9007b1fd68d51c9edd372a2902aa316d24122595c7c13da8bf713a925172ef47d883e975b2dc10785050f33d8e89ffba11afa87f66826d1467ee9f843d19503c0f0d0fb70f5c39d3d2700bc560cfb672d7be6ac873c72671466a77ddac64f7150155bcdfd0f89e6a324655c6a60dffd1d2442e5e1248047c8b9ed6229ba3b4f64c68f8087c625a3757a2a0842c3fede04f82dbfd72705d47106db", 0x1000, 0x0, 0x0, 0x3, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x400, r6, &(0x7f0000001c00)="1262e9d025f7882919b012d41a2865e732c0cb53a2b438efeec12be7d6dd0ccaf540afeee0851da16da8a9d4f9d8e689cf2ef8944f481380871f6324ad91ca15e3a6d2c5929743b92a21344a17a58e3212e762a988315ff1e9f93a3262f1d74d316a23b654a60a81bd5a23ab267e6a99c31271190d3ec2ae8d59a0882e60d2e53de8e7894c5b632e0e780e7503a1ec04c3de5eedd3fd0802cd0600777da475052b366e7fecf892d92a5aa3d22d4d2e56b1dc144e759a8a57f543a090db0ddd2a5dbf1e36ccc39f931eb92e05f7d7f497d7b94972ba81b62ec596ef5ca1c7e33fd2284faf8fbfafb73dad3be20b5d87ef2de666a03f1cc93c10fedec0dd0f84600e80e711a927d7536d24f28a17777928e4cb37d7681602f4a24726221a222af165255a85f93ed9b0ee76b606826c33122cbcfcdf90206916a88701a90ca5654a2865a0069ddf30877d70ceb41e4b86dd069114a2eeebf2df7ec46957588949e53a456dba2b3264996a74a1eeaa77d41a4c9032a07ec8aaa36c77747a47d09cf357437590d229a6987f6cac1bef0c3dfbc4265fad6064562b383ca0607a2e76ed2dc149a9ca750ea2bb8e3425ddac1fdb290f6fd2458d656d35a780a38ccb920f7b2fd89614f4980ac25515908507871fd555da09e307e0b62be73c08cf0e22f622eb577ce6657d36ff25811ac1c775b78ffc0564d32dd3599642869b2bfbbae33dbb8f00374909f04a245c9a8b68a220062f041133a6802c152124bde2818eca853643aff85f558b4c795814030a13185fec685f19700fed042ba2dc201a134905214ff4738d938db512e1cfbab55c334d29485529d42b49fc3ce82dbe51f3983ff061399a76150b909098837fbd717ca506990f6f6321535b965c78ccb641ca5afb7e13259c6a184b154c6e522d596c224fd8c4d8e5a92eb7e2905aadb92221a296ecf244a41e804c6d86b805096188d58f6bd2da2a66f89bf6c09717b5fa51454cc5c378500e22c85953a622f7655521ec48e6d5d7a3266363dd44f057ecc408bcde26654635ef2e3a5c3faabb13e6d581d82b79ee674a3cff9cfebe36cca0eefe7bf15c6607feb43a15b4e95a526bbf5209059ac1a0fe33eab537a8689300df2466d0d5d23a9ee543271c94d6196684cfa8fe31ae8e1b213cd6f9dbe749e640ae9cf71fc8274c9b3f0eae39a709402f6cc18e103dc9a48b93d2bfdf3f166ab3343bf27c0027986eeec700a43779d86476c7c9509c6bb752b6b3b3a6aaafd6a2008c924d491310ca119cdfe400c86d8656db0f338fb2139f4dbf5914b87782d1c35675a4086c269e8597afa5339728b2b738dbde36849d44b5c4df414fee9cce424a96043fc4d16d3ce56a0eebcf46e178ec448c23f47a9a3cd39a77beeabc99977c1b0f7b6f2292107ecc502e53b0eb67693e8bbb716e2cce9ad76e20a940a71f2aa3a0889123d871257aabdd12f5b05dd1c07fc1d33ca535dda1807c69cd9a98e91ef933cb6353497b3a3e30886855ba2d49d7b6886686224bf62bb7cd3b51dc4b8f63aee58d40a25697c1519fd9e246126f25f222be8f22db39a9f38b47fcbf6df9d7192d14c8e72e5d28815f1c9ab7466e98fd2c3dba93aba9823202fe0fa726bf29a627b831aacbb7bdbac30fc30a5fa5035c36173b6ceebdf9f749ce8fd64b4f9cc61c6725811c790e70ebc4ac1a18804acf52696387b3560099cbd61814f1d351f342142edd39449db2cc94a26851b9fa25931f67cab5b22150b62941608b12e0f63c4090e6aa26c8d12a0d0c715c5500b8aa2605226a2c86734ff547d85aaee3aa3bbedbb3869fe0cfa97ed012f105ce07802c1999093c2fa52e5742762149118ee49c95f9dbff98e5d18bb9e37ebef59d592fc6318d6c912bf4902433e193900da5b6a0e361f5b23e9da3bc2a08c57ecbf8218ddda114ce8df28dd75d386fd62cf0d6f8a4d6c493fb5e4a9a05c408ba781861ff7d1fd6c6bb813f4100871c41d39c1280e1af40809b9987ceb7a5576eb7c149f407a4a79e06a004bd5f027f6d2ba9d2574a1b27650338793a50655b8c666ba8fbf840fcb825db9ff9e70c95807268c0572a87578e7972304de0de416fbdab94cbe190dfef4c896f942ffb9e030e365d3104a999b2eabd3d801c70bea29309db8d4f3fbede3f54fcd063e7005d6ddf49ac9cd2105f1d9c02ac80b338e5674780749f92c8efcf6b77c11aa9f64592d8ed69fe041728feeb0fcf2fbaae6d05097ed8699453be83a26b2336fe8e3964bfeb3f45fede9ae4dbe0f88d726d4e027cd1853bbad0165b7f45c2e7cea84e10eed193b2574cf1e182a2eba81eb730a969960bd6465640fdc8f9e28324be3b86dc6caa7ab85e064f23d7f96f4a5fd2ca3a2234ccd8daf74dd6ea631a470906534501eb4a9f65f93ddf824ad0cf27718fe939f43383c41bf04a3438a8493d75ba7a34902955687d184275564056a592acaf225303d4098a907881d774a007e89775dc3e97984e99b25b4c79f4d4fefb3a2671ca1fc2a391fbb84d13cb6c0c85bffb2f5caac94e2fca040017e9e331d0afd643d05ff2d2a92bf4b4169d53052b277c755eade42f7bbb630ee013d4a31cd9b13fb81eb02567de282c705b429ba4a9469964838f5c25e990aedd7f8bff47e38bc40eaa718451e9da23b9523c55178ac057840cda9b9fbfda4f57b4ed9cb0ce3c086a9cef86f12038c5190df22f461546ff90e7d6df3c128982dd61411a5b95b6a39d38e64989fbe0480adb02da6d7781da0695c28b1994f193156bdfc6d4fe75d3de8c5e6ef2ebcbb7df823fa5546266e1decaf717c07a3be53afdb004b68e1c7ab1b0001c24ff578376de5c97792ebe2f04034454a5231746397dcc0ebfa9e069e4e33e365439b619ac7c734229a50c7dbce64627a6ca74f39e7827f973f068f7279da681730a6afee8237e63a338702e6d58b7804c1c5b4295f5dfc2c2d7bb4857ee8cd37c042af73ddbb2d7b25237e24361b8620f251ba949e019e42fae85d3e9a4426e9c79e66112c480e86c262d3761e0bad1a2edeb87a36c8a21bd5f0a34f717d5ca6a0b379b6a01aa322e88bca6066eb41785dc3008f4d4bb60354f931e68243a9462de7eacb8dcef7b7e1b80f6e99c16802e65dcd8d67d4851dce9480615c165d8e699dab37be3142ed6c3cf088535d9504f758eb660fd3a704fbdf871b82421381589731d685fbceb8b92fbc7f5690e076b48d651f3c03e2e61b351f2fcddde3ba27c0e7b618086d26205abccb38348387434bc00e97ba4e5d113df00b03faa6218f1fead9be7b69db3ee25f8207d06249ab580c03e3ec81110525bc33141624111c59d33b635fdc85938b3fadfef3d2585d751a4ec12d9ad11d8c4010105044a5ec8732f74b5ed9fa32adde27db2f37139a079fd4af5f550984369fd9753b364fc97a20225f671b6483ad568e2db475085cd1a17ae3ea5c60be0c774c5b7941cf5ad09a064366f600a7be8f8a2f8815f7ef38c5b2b43db365f0adf8fa05b21686a0888952a12d360db9d41cd13f05c0598c1e93168687fc4fc13cb39a574bcca70883aa7c3532d808595bd89588e035d4b9e0b517faa791880413699ffdcb397024b90e12cf59aaba6e38e5788be68f7d0931023e641475bd0d7d8895911f23b233fec9c832921f84738f5bdcba8576bdc53d639ab4bec6c2bd068d6a921992b23f139f69f9bd5413fcf825fc775960764290cd6b18243bc7139a198dd1e26915f3bf0fd20605403531e5680e7482dab14d3bc11a89cae60900b21057f2434667ca39f6120c95998890871d7554ed4008058d937f704b9348d03822c576eaec355b0c558f36116571842c20bd67e1aa441115653807d1a9f0e8f4fd29ce5671ed864559f20ac2c485d8c42406f5a2cc355568f2b01b53390bfe6d238e4e8bbc611cf5d5333129bae4cb9bad2a8598c41a7a0912e7c7eb363d019b426ad9322663bca4ac32d6e25f83301371f35155de2fcdf24675e75477794efeaa418ee974f91aa478b06fb6f1e1e9fe05ebf326142b1b2f64c99be9a71b640a9ade2ece16df450713f98683778ff26975d40b7280573fa432cb6ddca37f591c27f3da5b1398372a46d573854a6c11d06541c25569ac61c3bda79c5452616321e07c092ab459c138157f95e39624eb50442828648ce1cfc64dda0e9da69ebe4cca319b890e5c51d8b8f6df4cd126c41fd621c9494339aa655b26acd0e2730dc44c411dbc8786cb540cb096e1dbec9ec71cd859056a1be52629f9415fcc48bc68ad99423be295bf858b422736c7bcb944eb4142b3840942be70c91d8d8a78e142e80893c7581efb040f565ecdebddfb811571e2ff2a15ac825760608a585021290d77a567dc7ea85744f7931d52215d5bcfd9474f42f117adcaff486bf6b32e9d985d37cfcd1cbeb5ab9a0c73f200673c9023be54a2d0bffa1f0e91180b8ba35bf9639f44f2b5104db70225189701b83e84b3da69c82cc93968bae9e93257d9aa75f660e617adab2b8bf049bbd8c5e0befeaaf17fe8799734c2ca3e5cb6433b68cad641bb16cc056f20479762b1a386d449319afbff40fd2f33d12b1b13e4c0ed9da804326f46f8ba37612bed06246865c2c0d3f86dd4b28c6e868b8ceadcaebf1f0f1baf6d2455db48268edae86cdfc9edf2868233e81353050b9dba8fa7e4ec1a622c3ee8df15983da6da730f1e9501f04fea3e0b7924604c1737f8bed4d2e8bae3c864dcb05b06746233250021244530032a71ad31d7ab07604acc29408e70ea1e6503b05fe6ecd10c18f340c25ecbb82de5fbea3725c1ad638532b0f39bb9a77955e4c86f756c2ce5f0f09b3baf255f5ac96d64b0a756b3ae56ac81d5f05270139d5f52d2c131f9d871ebdb1c55df86691c851122cd0fe527e9e0c74cc07b8d1d79185f2d70ab2e495db5eca8bca14cd658c2124660483a8e143ae20abfbec8138cae84367b4404a756757735b5263f500d7ddec10aa661d3b57e4e794648d1cbfb88423f0cc80bf46a11b1c62ce2e7476398913cfa93b546c42579a6a9a9fb798b84ee95c0dc59d4586ed143b7cb0dd3bb7f68934460beda77bcf60ce2e1531dfc71c4d6cd2120d2f913e55dabefb103e93270c1e674ffc5b1ff7dcc99c1ee824f0d075cc762fd2e971288e29579c23cc1e90cf31e67a5ee89a36c220536d45be54e0ad54b35280c217110ac84b12b8a688ffa74f1dcdc9d704950bc64ac9d04b2a5ec1d07fc4e56cbb8cddf31c02bc752e0406a709c213234689ef9b9ee3cbe38e9a1cfe868a9e19bdbf13e89509f4b721bf90f178fb9cf6159318004b614ec1b4b872284274a6fa6ab3c9a393462a28d54cb5d7fe3fefe9088cd50d02b1c9046251b89ec86a6ab8f8e342f2844e3d34bd401e963cf924a511064ed3ef7c929027a6496ac1aeb4ca975c9007af2eb86757ad5dbc504ad74ef7c53a231557312062ab6515d8bc1eac77de15e62b5b227066a4677632ba7ac5fe3e0840ccafecca35666c6ad2eab8ea0aa5c4d8677c4751482f52aafcc7e9ae926ba7dcebfebfe6bbac8229b5c0e706198c201340576be89f0c73f45874c6004e045e3853f94f3ff4530557b763f0fb2706a7501a4bfc7765fd7c3c81f5c9912f5095c502bde80cb1330375751984a25853afdb5720c12aa1320c79195cc2f244ccf8ce820d9f5204a8b6e7b4465aacffc94d0a56400de49800c2e7947d5a10c38813cecb947f001e0379c9f69bc60da6ba51320669439255747d889d1ae809c46db049ab5626ceb9af172849218f", 0x1000}, &(0x7f0000006540)={0x0, 0x0, 0x0, 0x7, 0x81, r3, &(0x7f0000000700)="4ebc107bf5f775905e737a74481adbf5899434f7f2011ce01aa1d76e40262653493516a62756fb41a4105f781e14ffa0318c60709a0d709ba7a6238cc93a76dc45e0c835a26763d6795a4e2872373304ed78460666a4573ea3de1d336438e26601716ca7b3bf10f304cf436f026fed48dbcaf26c54df3ababd79ec61258a079d8165e9efd4021fd91b7402489cdf160b4f86bfcc991fd9044f9443e13bb32751acf7d4b57e1d5e410b8f98d4268c38435ad141ac79e9159da17c2fd1880aae0425ab838c09bf0d979656ef15d14dd12c717304123c34a5c8d85546539f0e478e4aa19023e617a4931bdcde7a357e95d723754fc29464faac425c9bd11f59", 0xfe, 0x1, 0x0, 0x1, r10}, &(0x7f00000075c0)={0x0, 0x0, 0x0, 0x3, 0x400, r11, &(0x7f00000065c0)="847f227f43df3492996dde6387e83d317aa87b5604af37a5794565e95caae4d09ef136bf975237760b186532667fedba94bce1089a209c10ac17614672ad10d7fcee0339eb8c61d52e7972c1a7d853f3f212f0443256d77e92166ee126321e881a16959a0b09cc1ca42783c0102730511f77404ace68ae18f82b831bae7f8e81e2642fd73f8a9e63f0725d091cfd4eef803687333c69f2bd1b9aefb647d64d3520819ad9eba16154536ba6605ca1f0f4b5d506c210ea776b868f6f576350c6d3c6e8ebde53d6ae7cc8df3eb467d4cdc427d8266ca15b9d029e0dbd381e53ebf24782b77eea116cae5bdf6ec6165555d4b6f4e9a9fcf661c7c59e184d85262e2597e88b95e8dfbd1139b1950548572792e7896c9bc54946d9ead711bd80bb4c7614e1a9edc3ab62f7b56d4a352dcbad54bde6cd00b103a716b0c5d6df1ec8a577c2323d47f289f49e2f8632d549bb49f0ed083d8af8b72681ae33c807058813071a44bfe718e7d4f4dcd422fd7afa58aac05d7166dcb882b63141c800efe1af3bff249ceccd5a726d268fc1d90bc450db530ed6a2dc52c6d309b94bb350709d5c370e8129c35f500962afb6cb94c10ccbcaf7a50f29ae35c64fffad02fc2ec14a3185da78d661d6fc33500be87ba1a0d58d209fd862cebc5c6d22b18fac30864a9b43eb473dcf773415c23cabc87254bb4014206b75af6d5e9cb4b01b86a387db4063f2d885a73e4acbfb74e20800e418c1b92be54e6d330cf17b9df58bf2a30a2fbff6d046c7cb727b801ef5684ddc7be45db415321a0b00c16c24276ced82010cda8254c76b58a9885727704409e9b1bd7652e7619c60cfbadb80618aa36fce6f108780692d4abfee8d964ff042ba8db0959ac396508d4e3a42be7fa85fcbf79cf61c08b9132e8dcf97732f7fdd9c44f7e12d360c696b1e8587d633871c9b4dca5647c12f3e27f54c7c7af28ba4638f6f2753b47f9adde320d091dcfeb34926e26091b118f5cbd9edd2bfbd2a2d80e0c171cfa9e0847ace27b76cb9670a238239bcf8df630132adcfca2bce8dfa200681237627b12f8d93cf0478848116a7743ddbee0c0cd603c0c943140dbc77983cb1472602c2fc12c4d93b52d833cfd3ab00ac977fbcfceafceb2f2f04ca59b7cbe2562b972be4c9697f39b83d48534024fe9cdb9f269ec867e02f323b7cc1c238f5f6847e4a28321d48a0a4ac96722e8099480c3bc71fae99804fe1c9b8b1355758dcab4dcab0063497ff4a170b3cb9ce6e59835e6ff94742bb8477eb4a55b389de6af6ce0b6029df53a57692f724545e76342820c001089aa5b75c1feed00d895507e1407955bfd62814847f7b9eab7ed32e0f6c9b548fbab743ce0cd7575e0a8453c76d699babfd1bb6d3af9fd9697f055d5d9d0353f2a05ee990787db8e57791105fd5322ad53c661a7e7c3e2a565815034c3a870138f04285d00c468de1726be3ea17ba419d53c07645113c7dc1c9c18cc0fc6498f84615e523ce79d3a460cca085fa4d7959571e9dbfdb3550a4520ece9d6867a219df2cbce481af9c0f81381e07514e94fc651b914ab9df039d039ce8ce09258872fe19bd83adac7b8af039c52e5aa8fa2ba0151e456cbb5cbb65174eacf214962282b5b6f5b264e7b89d2b236eb5797bfa08afe0abe3d9cc56bf6460bebd3a630ab1367a15ba9ce0d511d5c81c8abd20d1c3762518e6c25e9f7d9adc884b6ec314ae63be6474c2352c5b136ef1a6bc28a2cafc76c2776ba24efb00a15b808097297a948fe6528c3c1e606133946a066e717728341d17951905b0ced8d18e13592021b8e00c0a20a2b9c57f68b7ccd565e459c1d461cebf90b4c3d2fc94030c851b8a2580346f3ebc5e823a9135a181df6720fd829e8bd89d56de1dc480e9fc802628224a6c4cd65557267685f64e98f535e8e4a440669756104d5c272a13285254c6a8309f0730773f4e4ac2ea9106384d4c396b95b67c7f278b9dd144ea5793f617d0442210c673279ebc43e5d8d7de00a2bb6df33d06a50bb63a07c3955341e2db38e21b28a59b054cb6e8df09e56d815352da27ac2dca616f59e103e4aa6cba521357eed198f8b6f759452a53fb74f8acaeadd670b17b049bb597cc619f046b5d4f74610dcc1f2b2c65f76f66e1aa767c200a21de77e19a94958953546c0f09172f84530ce8a2a35ab8af194be3d23048363d6088a9cc208cf38fd45320651f9c9c90e038261e9a38169a6afd9eb8823641f930d449a73b64e0982e39f47480c60a8efa1c43be14e7ee7c9ab214d1bd8c43a0c6ab762cad6d29c3c07d50d0e6786db4b186f478c97b30473ee554c5a5153dee42db85f24101da0abf4f2aff7e62315d3a0f8a21e0f32c23cb9263b1ea15b58f2057616ac5366c5aac4d7af0bd2c5ea0efa3d9152644d54158112950a7fe6c839bfb2c429ea13484f10591586b9b10d687d328b8bb9a35883cacdfd60ccf7058c4aa2d545ece4506383ee91df7ad62a3603a5769182fbf244c45dc9a0d1a3efb573ad923de908d23b5a9caec5cacf736c5bebf4df2705db21410743dd3803c486b166b871f3e3740fa870ef88093079bb122bdd52834fae535917cc22f1c125e074cdb74199ada721aea94c73317c6284bbd1067089d97740235a866eca8fa27a69036486fe2c0c00aad0c35f2766d50abe74d30f12dd5e18f95e23529a74ccf837116a93c9c78c44a4b6a6f50cb95715e8198e4747b930fab412e921f7ce4d0e813ace100fdb8ad0dc71389d90c5f21dcf6adb9903cbb62a94442b0d8a2d09e0687fae963826bff5481647e164f2f0b8acc726c90e9641f16f83ddfa4a506a68c04534f44586c7972943fd6eddc1493698a1d55f21a112bde0f1ce9c0b21b56e066df6320523782b99f87be7545fc5923fdd5df6f95786c2c9a164c3faf871ee2f38820bd4c526196be7c2e8fe6d72b19040f217f79846194f6fc06a42e41dd0b629dc171ddcbc746d596e8207e91746bd36b07a17e9249d9fc950b445421e806c39eabfc9e26eac96f45b27d1b2d4e338f32d9a32791da0bed803d7e29b3cdd854b36dbde5bcaa34affa02d1c6372d08aa8fb0e25236e2c1e904eda691c4c646a728d4485514c148a0b5ae582a0adfec2cd2c1c9ee79525f2198d0161dad25cc53235b26baff7be0f915282846578125fbffc36593c9aae5a9460993533e71e70fbeb36e6af3236e40f7bb41d60241b517253443707b370cd5452aeba36c34ebcaf5e38b5f74bd7859ffda151e520af9b97c06a8f5949094e3ef2ebde2c99855503f7480a41a6a71bef382e74f850ef10bab44baf2d48e0e759489fe003f9bd547586defc580bca07d13f3b407d2a11863ccb6f13001170c226fa4025f7ae9ae45f74a972ea247f3a3e8f1b73b8ae7a6c510911b5a503bfb3eac1832ba6398659e175217db688c611ae600d085c464f0952adca2b7cbf13cb0722a1fe4243f7ae31ea84bbcc551cd56b138046cba1083570f3171dfca17f6f106a1565351b16f227441a389af84006c568b46836d580c1a831589fb9b8e11c22e3fcf7516daf23ba43c5fde5714f54f1996d529c59cf27ff3322f017a9f659dd2173726a6eb5462f92531fc1d88ff1f5f1f374ac4482b9883862046c21e01ba09d87ce6bd5991f3a3df8813f5e911f961067eecee5364c8bcd05de5c43062af9d9727eef51213455bef9c276c47234e4b82651293a826f39c4b8800f05ecbbd67d4a6cf5eb208f8c6ec0929b3bbb794e1e5eaffb99ee6842466df0f9bcfe20af027a03e596dda2ee5cede6dbce7fa776d3cfe09e57d9d74c096cc9b3dfc825e218b2f1263cfc78e579bb96d7f12c7d29993a9b0589013e5eac026dd059e4d6261f58c2654c0d321020cd098ca93863ca383bd83a18440a2fc18683563ba7280a9d4b4f95145adc08740fa46a6d03e0bc5000507a31e8481ec878f96c119fdfa3dc02899ef0b441b533c8844c2c3401a4b2b41420592172623c214ab4e7daa98ef753ce56f919c4ef4a9411fc2a21716e3321fd368e25591b7097252beda925802f559bc5ed563227c2a3a510932705a6adf6d2a30ab2938799e60185e781c68783626d2477e721cd727aafdbe69b7cb987df2f8da576c84fe6ee29db9489fa7c39fc8b3980eee26f8a50bf9790d8ed58cd777254d4b788572a0c0b2fcca5d8f006b3d3da5bbc4f5e2af5b4c58dd7a9652d59201b47c32934449ccbb858c3436769bf2239a06d50a3081efc925f94236541931160dfa85e4b31e6720d3c5d13354d53d211c062358f414f4d0c2c5d558807a5a785d42dad79c29f8c538e281b135e5e429471d02a32a384354e78e6fae32422de2aa7363544dc51c525bb9b446bca27e93f375b58c68c74bc4304eea012335f9a93e7cab20637ea5dcaed3654655b2a735ae5a1eface16e8ca66b42aaceed81e1f5950555755ac2bb4f06ecf4372a2051416840d225eab9a7da05e977b87b081eb1b7317f5a2f76e6d1bbf23c1a41463b0526c4b10638782d787cb4100ad418bb606fcd6aaf6568bcf2adcbc2b6db4c66d386091d3750fc72cf91f19a812667dd0e5ccaf61416ab04cab249be16af8a5f0b4bc74f97f4e727f773c20161c609babc1808bfa7110918b980703325df5588b83e8296bb3918b2308cd3d3e7053de239eb97be3eec1b031cc4524f6e3b08dbe4824d03272569777d7ffb51a44df963cba5a03ec63511649f235f1d1a4be6882a37e9465601d5de6e6e1f557ca792620173417b1a5d0fdaf7fa2ce93d6d82e4beeeb3d33605ec44badecdf2a465bba4a5433dc0a815dada9e464ae676c17720e2b9d6ca993ddf0ee7731881b6eb3e50ba62dab31e57357e9fb4bf686f1c495f07cb7c20c9fe316310f33d607f3c4e8cb92a7fe021ad6d941b21a2344f606feea8c6a1f52d530a794029b36270bdbdff61861990a72d52726a5168792df3838c54f58e88688ec676eb562f0335f5df180482040736862ec2cc816e3e3b5e41433b9afa684a07c0a0b9826dc8f0ad51ba6d6fc6e9c0c734388ee655d3daaad9084de63af5d934a0d080f46db76cb76b2413b7bb8157b3f121c030c352cb6370230438f64346e531a3b42346b46ead5d5767c28634783c73e30acb7144a2c089b43273b8c0cc699a0bf7554fb4f0e30508c8dc9c2da5d5924fc2d2e9d15102b85026856d70642c4b194385412e0a99af91c818ef1b96eaf304ba82c7745bded46d9805cba13f830378738e64c19bceb6dd36d28d7268a44c0c40474792cba9afa9726b0a1cc1902a140f5dcc6121c1525573ae1c174fe01e59802d2dea8ca10eff57b2684f8b60d53c8843c920f4260235338664e8b7df759832ed9249448c30e43ec9431a4faea3973f709179125419b1a30905a9cda2b4c34e755524944d042530667cfe3acd3a03da7070e6fa4277e76508dc4f1c74497b92daa28466e716766fdaf753763eebf8a592423528c52e2c3b1cf89d544ffdeb3424566c93b4260585ea69416d80feb46fee9f6859d0b2b39fda21f7bcd76ca6d04994adf009bef99b15efc3530f5d1fcfbe249e2f4a6683f5c6c433a57580da3c92a25b69f121c9c9a16f352d6cb96162c9e8341bfe40d5e0d980e5fe4f5e0b62a077a22f1ea365cbeaa5b38844e8f6eb1e49fbf8774e54eca03bb2329c6ac85a4a34433298e2351f5a78b5552eeef5dc98bed4d5caf1c96232757696b0df64e137bc383d4d751a00afa72ed6e942868b604e01759318fa1ebeb964b7bd42beb8d1b4e0e97242b27854fe32fcd82bf4e", 0x1000, 0x5, 0x0, 0x2, r12}]) link(&(0x7f0000000240)='./file0\x00', &(0x7f00000000c0)='./file0\x00') [ 107.721275][ T9700] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 107.721286][ T9700] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 107.799904][ T9713] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 107.800281][ T9713] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 107.826736][ T9713] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 107.826894][ T9713] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 107.964934][ T9728] loop2: detected capacity change from 0 to 512 [ 107.986262][ T9728] FAULT_INJECTION: forcing a failure. [ 107.986262][ T9728] name failslab, interval 1, probability 0, space 0, times 0 [ 107.986284][ T9728] CPU: 0 PID: 9728 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 107.986301][ T9728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.986311][ T9728] Call Trace: [ 107.986317][ T9728] dump_stack_lvl+0xb7/0x103 [ 107.986338][ T9728] dump_stack+0x11/0x1a [ 107.986351][ T9728] should_fail+0x23c/0x250 00:39:40 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000100)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000000)="1b9adcb7e78c210a6cc1fa4e120334933fe8fe5fa1c7f6108782c3ad19ff076ace7a4cf521a1521acde5a27c73b085faa27b99fdd2a9bf9798536f9366", 0x3d, r1}, 0x68) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') [ 107.986373][ T9733] loop1: detected capacity change from 0 to 264192 [ 107.986512][ T9728] ? ext4_mb_new_blocks+0x70f/0x1f90 [ 107.986538][ T9728] __should_failslab+0x81/0x90 [ 107.986555][ T9728] should_failslab+0x5/0x20 [ 107.986572][ T9728] kmem_cache_alloc+0x46/0x2e0 [ 107.986594][ T9728] ext4_mb_new_blocks+0x70f/0x1f90 [ 107.986621][ T9728] ? ext4_find_extent+0x6cf/0x7f0 [ 107.986712][ T9728] ? ext4_ext_search_right+0x300/0x540 [ 107.986735][ T9728] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 107.986785][ T9728] ext4_ext_map_blocks+0x1569/0x1f00 [ 107.986826][ T9728] ? __down_write_common+0x42/0x810 [ 107.986844][ T9728] ? __down_read_common+0x16d/0x530 [ 107.986861][ T9728] ? percpu_counter_add_batch+0x69/0xd0 [ 107.986884][ T9728] ? ext4_es_lookup_extent+0x206/0x490 [ 107.986903][ T9728] ext4_map_blocks+0x70d/0xef0 [ 107.986962][ T9728] ext4_getblk+0xb1/0x3d0 [ 107.986981][ T9728] ext4_bread+0x28/0x100 [ 107.987075][ T9728] ext4_append+0xd1/0x1c0 [ 107.987090][ T9728] ext4_init_new_dir+0x177/0x500 [ 107.987105][ T9728] ext4_mkdir+0x329/0x760 [ 107.987199][ T9728] vfs_mkdir+0x2a4/0x370 [ 107.987218][ T9728] do_mkdirat+0x11d/0x200 [ 107.987237][ T9728] __x64_sys_mkdir+0x32/0x40 [ 107.987261][ T9728] do_syscall_64+0x3d/0x90 [ 107.987279][ T9728] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.987300][ T9728] RIP: 0033:0x4656f7 [ 107.987311][ T9728] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.987357][ T9728] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 107.987373][ T9728] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 107.987383][ T9728] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 107.987393][ T9728] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 107.987402][ T9728] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 107.987413][ T9728] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 107.988846][ T9733] FAT-fs (loop1): bogus number of reserved sectors [ 107.988859][ T9733] FAT-fs (loop1): Can't find a valid FAT filesystem [ 107.991303][ T1040] loop0: p1 p2 p3 p4 [ 107.991341][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 107.991353][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 107.991799][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 107.998406][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 108.056494][ T9753] loop2: detected capacity change from 0 to 512 [ 108.068836][ T9753] FAULT_INJECTION: forcing a failure. [ 108.068836][ T9753] name failslab, interval 1, probability 0, space 0, times 0 [ 108.068892][ T9753] CPU: 0 PID: 9753 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 108.068910][ T9753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.068920][ T9753] Call Trace: [ 108.068927][ T9753] dump_stack_lvl+0xb7/0x103 [ 108.068949][ T9753] dump_stack+0x11/0x1a [ 108.068964][ T9753] should_fail+0x23c/0x250 [ 108.068987][ T9753] ? __es_insert_extent+0x51f/0xe70 [ 108.069060][ T9753] __should_failslab+0x81/0x90 [ 108.069075][ T9753] should_failslab+0x5/0x20 [ 108.069091][ T9753] kmem_cache_alloc+0x46/0x2e0 [ 108.069130][ T9753] __es_insert_extent+0x51f/0xe70 [ 108.069185][ T9753] ? ext4_ext_map_blocks+0x10a8/0x1f00 [ 108.069208][ T9753] ext4_es_insert_extent+0x1bb/0x19d0 [ 108.069229][ T9753] ? percpu_counter_add_batch+0x69/0xd0 [ 108.069260][ T9753] ? ext4_es_lookup_extent+0x206/0x490 [ 108.069290][ T9753] ext4_map_blocks+0xa4c/0xef0 [ 108.069310][ T9753] ext4_getblk+0xb1/0x3d0 [ 108.069328][ T9753] ext4_bread+0x28/0x100 [ 108.069362][ T9753] ext4_append+0xd1/0x1c0 [ 108.069451][ T9753] ext4_init_new_dir+0x177/0x500 [ 108.069469][ T9753] ext4_mkdir+0x329/0x760 [ 108.069488][ T9753] vfs_mkdir+0x2a4/0x370 [ 108.069507][ T9753] do_mkdirat+0x11d/0x200 [ 108.069527][ T9753] __x64_sys_mkdir+0x32/0x40 [ 108.069546][ T9753] do_syscall_64+0x3d/0x90 [ 108.069577][ T9753] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.069597][ T9753] RIP: 0033:0x4656f7 [ 108.069645][ T9753] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.069662][ T9753] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 108.069753][ T9753] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 108.069765][ T9753] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 108.069775][ T9753] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 108.069785][ T9753] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 108.069794][ T9753] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 108.075718][ T9757] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 108.075849][ T9757] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 108.108294][ T9753] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: none. [ 108.143348][ T1040] loop0: p1 p2 p3 p4 [ 108.199949][ T9772] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 108.202013][ T1040] loop0: p1 start 1 is beyond EOD, [ 108.215458][ T9772] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 108.216906][ T1040] truncated [ 108.216912][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 108.217366][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 108.752902][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:41 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c0008802000020000", 0x13}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:41 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) setrlimit(0x0, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, &(0x7f0000000280)='ramfs\x00') splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x101ff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) move_mount(0xffffffffffffffff, 0x0, r3, &(0x7f0000000180)='./bus\x00', 0x1) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="00f8f21b898155c5b29417baa84fcb017da52536759be5b9a5ad765cac279ddcd255fdd93507deb4b25aac836d9f87067a956be5aeb099ef2c4deec240ebd61816b612154be124c46a4ca59cc746ab9fc8752502c30c52b891bb584138a240ff4cfb5c86938d1b714db26c6dda445cd856e0b82b03228efa14e2376e6123d60c221433433c694490521c3e19c05f8b0fcb9440f78a5fb314dc60e7c43ab48bf0547ac4"]) creat(&(0x7f0000000100)='./bus\x00', 0x128) r4 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x80, 0x28) sendfile(0xffffffffffffffff, r4, 0x0, 0x0) 00:39:41 executing program 2 (fault-call:0 fault-nth:49): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:41 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:41 executing program 3: fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) link(&(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='./file0\x00') mount(&(0x7f0000000000)=ANY=[@ANYBLOB='\f/file0\x00'], &(0x7f0000000040)='./bus\x00', &(0x7f0000000100)='pstore\x00', 0x800, &(0x7f0000000140)='*-%*\\.*@\x00') 00:39:41 executing program 0: timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x77359400}, {0x77359400}}, &(0x7f00000000c0)) timer_settime(0x0, 0x1, &(0x7f0000000140), 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f0000000340)=ANY=[@ANYBLOB="2f6400000000000000ca1d39c2c9371748c67ec9c236b0a778125ad848c2917b58b2ee804bd14fab87aa809670302a50b88854c12cefadcf6bb3538604b3bf73336f7ef33d2f05e3bbbf71fdbb8a6b6ca7c74bb90ea9de60c98e5870f93e650094adf7f80013eb4014b4fc18dfe81d0370141139a4d956c933aacb2426acbcad17f9968ae58a847573a3d9ada58b134c886beb8734fa833495560507"], &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='adfs\x00', 0x120080, &(0x7f0000000200)=',\xb1:-,+\'-,%\x00') statfs(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=""/147) 00:39:41 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 108.905333][ T9805] loop2: detected capacity change from 0 to 512 [ 108.907697][ T9807] loop1: detected capacity change from 0 to 264192 [ 108.926583][ T9805] FAULT_INJECTION: forcing a failure. [ 108.926583][ T9805] name failslab, interval 1, probability 0, space 0, times 0 [ 108.939221][ T9805] CPU: 0 PID: 9805 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 108.942248][ T9807] FAT-fs (loop1): invalid media value (0x00) [ 108.947896][ T9805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.947910][ T9805] Call Trace: [ 108.947918][ T9805] dump_stack_lvl+0xb7/0x103 [ 108.953913][ T9807] FAT-fs (loop1): Can't find a valid FAT filesystem [ 108.978372][ T9805] dump_stack+0x11/0x1a [ 108.978396][ T9805] should_fail+0x23c/0x250 [ 108.978420][ T9805] ? __es_insert_extent+0x51f/0xe70 [ 108.978438][ T9805] __should_failslab+0x81/0x90 [ 108.978453][ T9805] should_failslab+0x5/0x20 [ 108.978531][ T9805] kmem_cache_alloc+0x46/0x2e0 [ 108.978645][ T9805] __es_insert_extent+0x51f/0xe70 00:39:41 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x5592c2, 0xc3) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') recvmsg$unix(r0, &(0x7f0000000240)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000340)=""/207, 0xcf}, {&(0x7f0000000200)=""/39, 0x27}, {&(0x7f0000000440)=""/114, 0x72}, {&(0x7f0000000580)=""/140, 0x8c}, {&(0x7f0000000640)=""/212, 0xd4}, {&(0x7f0000000880)=""/109, 0x6d}], 0x6, &(0x7f00000007c0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x10}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}, 0x10020) syz_io_uring_setup(0x187, &(0x7f00000002c0)={0x0, 0x80, 0x0, 0x0, 0xfffffffc}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x410000, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) renameat(r0, &(0x7f0000000040)='./bus\x00', r4, &(0x7f0000000100)='./file0\x00') 00:39:41 executing program 2 (fault-call:0 fault-nth:50): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 108.978732][ T9805] ? ext4_ext_map_blocks+0x10a8/0x1f00 [ 108.978756][ T9805] ext4_es_insert_extent+0x1bb/0x19d0 [ 108.978772][ T9805] ? percpu_counter_add_batch+0x69/0xd0 [ 108.978920][ T9805] ? ext4_es_lookup_extent+0x206/0x490 [ 108.978946][ T9805] ext4_map_blocks+0xa4c/0xef0 [ 108.978964][ T9805] ext4_getblk+0xb1/0x3d0 [ 108.978981][ T9805] ext4_bread+0x28/0x100 [ 108.978998][ T9805] ext4_append+0xd1/0x1c0 [ 108.979017][ T9805] ext4_init_new_dir+0x177/0x500 [ 108.979037][ T9805] ext4_mkdir+0x329/0x760 [ 108.979084][ T9805] vfs_mkdir+0x2a4/0x370 [ 108.979102][ T9805] do_mkdirat+0x11d/0x200 [ 108.979157][ T9805] __x64_sys_mkdir+0x32/0x40 [ 108.979234][ T9805] do_syscall_64+0x3d/0x90 [ 108.979252][ T9805] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.979272][ T9805] RIP: 0033:0x4656f7 [ 108.979283][ T9805] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.979297][ T9805] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 108.979310][ T9805] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656f7 [ 108.979320][ T9805] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 108.979408][ T9805] RBP: 00007f67705dc040 R08: 0000000000000000 R09: ffffffffffffffff [ 108.979420][ T9805] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 00:39:41 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbff, 0x800000}, 0xc) sendfile(r1, r0, 0x0, 0x3) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') [ 108.979432][ T9805] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 109.073920][ T9805] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: none. [ 109.299938][ T1040] loop0: p1 p2 p3 p4 [ 109.314042][ T9837] loop2: detected capacity change from 0 to 512 [ 109.314756][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 109.349966][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 109.359331][ T9837] FAULT_INJECTION: forcing a failure. [ 109.359331][ T9837] name failslab, interval 1, probability 0, space 0, times 0 [ 109.370423][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 109.372011][ T9837] CPU: 1 PID: 9837 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 109.379805][ T1040] loop0: p4 size 32768 extends beyond EOD, [ 109.387748][ T9837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.387760][ T9837] Call Trace: [ 109.387766][ T9837] dump_stack_lvl+0xb7/0x103 [ 109.393945][ T1040] truncated [ 109.403958][ T9837] dump_stack+0x11/0x1a [ 109.403978][ T9837] should_fail+0x23c/0x250 [ 109.423416][ T9837] ? __se_sys_mount+0x4e/0x2e0 [ 109.428369][ T9837] __should_failslab+0x81/0x90 [ 109.433214][ T9837] should_failslab+0x5/0x20 [ 109.437729][ T9837] __kmalloc_track_caller+0x64/0x340 [ 109.443024][ T9837] ? strnlen_user+0x137/0x1c0 [ 109.447884][ T9837] strndup_user+0x73/0x120 [ 109.452304][ T9837] __se_sys_mount+0x4e/0x2e0 [ 109.456899][ T9837] ? mntput+0x45/0x70 [ 109.460890][ T9837] __x64_sys_mount+0x63/0x70 [ 109.465483][ T9837] do_syscall_64+0x3d/0x90 00:39:42 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:42 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x1f2) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0)={0x0, 0xa0, 0x0, 0x2, 0x3a8}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f00005f1000/0x1000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x2) r6 = fork() sendmsg$netlink(r5, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r6, 0xee01, 0xee00}}}], 0x20}, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r5, 0x891a, &(0x7f00000003c0)={'team_slave_1\x00', {0x2, 0x0, @local}}) r7 = socket$netlink(0x10, 0x3, 0x2) r8 = fork() sendmsg$netlink(r7, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r8, 0xee01, 0xee00}}}], 0x20}, 0x0) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={r8}, 0xc) io_submit(0x0, 0x8, &(0x7f00000012c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x3, 0x1ff, r3, &(0x7f0000001700)="ae07118fa9eb379668f592d10668fbc017bdca2b57831032a68381de70fd72ee6ded15b69b4421228ed15faed01fa6d629be2e9681f75db51eac9fda7c17e7cecd9cf6c59ab781d00730a2c21ce41a510b9d62bbe658b48526e24df58f2dc7aacafb3067b029374b2e2a4bcb07718145c1d3690d81889f492f74451b07c11e47b1e0912dacdcfdfd1a973d120b8e521b19c34ebf0e2c112bd758a14a1f0c684bb53cc1c30db138a383ee05ade83db2a9f5ae5b8bbf2b77667d6bf43e2fd9ad2287be8c361b394943bf1a547471b14da287793ca7ad55b509f55d1bb4f09f23913af7fd947b93eca82c41fcc9fe6467c62c8140019ec3e1f123e760a264749856dc72f980168d5640b416df283d919c0114edf5af62bc689a0d5be89ce4d0e16f1023625e70dce840dbfad3f3067710127f0b4abd2c226910324a9933770cb9eb3c409392c280090849558b3b0e49a7b307cc16e67dcd610283ca5061267fe2ae6c6b131bae3ce063de199e02f7d0a7bb0ee4848496dd11f40e106381723c027f307623f6cd7a205fac562346fdf7f62f790053863fbbfd48b1841016326e803c13d6379fdabf47b6e042479e468556cb7b338846e232f3fe864a8754cee6df36652d385d468c361776bcfe1bb80aadf8f3621bec6b0df61ee230c759b7f49ce88b82995eac3beace3bde83f907e1e962273b6a7ed72aa94dff63c5efc5c4bd53be3cb2f242224f5f421530bdad6177f8059ec98782b8dae632ccc592b7cc0943cc294d935742088556235cf73ac55e58cc2761d268cbe393fdf8ce6dbd4bad7896d2258f9ef92867e6d719b63e84b7fd427f9e8d6818b953769a8d609a7b4855ba185cc0d2b564c9f7169b57c9213ffa6c37966b9ebf6f87e660f70eff6abe14a9249b1fc9b7ff9fc56dbe34a019132c3d5e0da4ed2b2f3f0c4c309f5ee4c5c3cb6fc5ed3ec08c047954462dfb4dc08bd976921df88e446e992e38d6cb0d2f21c7ac9b38701a7d2128d1158ec54f2ca00ace3abae6e5d6658bbbd806ddd6515ed9848fc8c9680a11b62042d3e80910b6acda41a88abd66c227dd28a2056f2c9f9ee8fe773010cd2c3b0510ad2c776eb30119c8711dba89cdca365360975b84feb691d4e4c0ccfb9a0087403643056f90bd08d0fae90c4cfde272d84c975d57984fcabcdd6555730fd5f9c1ccd12412d9f9d6d4c3527feb4c4f46797d2bd6db93703b00b51abe596e6a56c2caf1377c5c42b0c8be7c3a507125dfb38028ab91501dcf95074787ff4b81ba53fe850f7d3e1ff3e2c84232c831ea5ea136405a05506cd1f1cf24f733799498873fe90598cc8fe25643bb9fc210cfc9b56dacdefc2cf7ed91405ad9f1238837302fa772c83e054b303115810e8b318c5288cbc8cf5d162dc50834064583bcae02d6fdd306ca5f2c0bcf84c6b1bc95c63775426845238de4791b68d27446056e7b6f275b3ba7d2272fe1a9230f5377c259de940caed4e039770ffe54d1ff8ac8520c6a44547760d27e3ff2b7ebdecac7e0f82bdfedfb1357667c35d4db87db666cdf2e81c07ed4b94893070ea273729ae986918f77d016abc817e6a2df2d617f0327dfa2cfe03139c2826df5a48b3b30e87997fb7b488690441f0184c0a69481d7ed4686035e787ea1fed32b1bfd435027104a32881311448280c16a9aae090314dfbaf75747cf0a5e59e8de4baa1321f922ba315b53e5eca328f91f69ba266b217f8fecd869638d583000c960d8837f45309a66867163a06bfae91521d3f9f0c0f3a2dff40dbb23d2b233644552cfec4e61bac297d23a251a498f11cb2a11dcf332c202f41e991f0272aaac410d743d45467c577c02546d5f9ffb274438258d511f2ec0acb8a31bf35df4d5ba5dbb62ce30e2bca22dfbf09b47a8fdc8a1ff0c9bc8013b969ad555fff13a9b9602640408714e5a205f67d33178a4d53add78834816fe004279eadf1de6d16f6fa964b5e09a8363a08671051d824f698fa4127c662b7e068c3850568a2e2c4d81a2186cce6e4b9e1f5328345c0653463bf0f7051cf8345c0c81e9e607d500adb6e9f4838140b5958bc782d0bf7917414cb500d5eceb59368e9e03aeaa1f6349918e9ad9ec492a213df638f995a0b7ff14e292d67dcb4017a5a6654669ad2db1460b319a27014da73060dfacf3f7aa67ddd9eb562c3767538f27b59069d6e952219bf4c74aa011be2feb0c2b605c4b9bd0c945a46dedb84596824d849f752109b276c478151de7fd1ec3e6682427633a58760bbe38cc03e986025a07c0200e59ba5d673682dd30475f237f4f7168c4aee19c70e07330cd8902f38697b4da9bb329b1a0d262dc22acd422b361ee1b3aa36ff972b6c14aded7da0159f04510393a485a6cf374910b6c019f8fb7d3c00207d55d09854cfcf00b1df30d70c86415f5baae8be08bae88ac2d232db1feed77dfdb1869f8aa60e28575bd0144532d6ebccd88e5e84f84e6d57f142e48ceaba423f0261071c732cf2e7fb575daf768ccd2fd5832b9e7c8fec82ab7ebe8c62b18c760500e467ae1f8a5eeff6b3d05dbd5f511f1fbe478e669c3a6751358b962f6520d47071546d98dea279279645b6026ab7453488ad507533fb7fa23b87f888a42ddac67856bb7fcdc0ad9e7b91b588ba88c27625a20f38e9abbc12775504f31d984cb3a5b6944e02566f94381c11b1505bc56d9b626f0884a8c5661e537b001e0ec4e3ef2f2909dce65783ea6bee3f0f4002a5c41e7a4068104d6f2f437ed0d01db476707bb75cda107d7f58fa90d5c990a396211f79a57106a85c63ee96c394fd33331d3f789aeca2517024b98d05de7883fce49922ec3830be7c31fc7a296fe60e0044c13cd8b730dd06bb976faf826c60993dfe012d1ee81a7e9d1e14aaf07c3f45d4fb21b240b4a139df3bdc7d8ceb154d38f863077846c71d02bb71d1d22aa11c7e8cfd21df861a923bd771cab87e1a721f35e71fbcae0608b0f0512603b8d062ac656151ef9e61d408c66ac39d14d0e478e86b95f2c3ce986dab0c5bf6982787d8f9187471ec17151914b3aa25275789284fc7b030f107224a3dd0cb7e5ce01fb46a3de361fcddadb005b58bab457b0c6540fd98dbb914be062ce211d486a0ce9950dea8d8d835fddb2144546c75f437de9e5ecbd2dc4862666f76ebc3e357b19d542c4245904f01c7b1985206301730593b0193683edd878f166d273cce1faf6909371059e8565d7082f01dcde58cdd378de1e3a8d129d883e797902cd83cf8edfdcd01eeee28e18b135f63f69b54ed5e8fd3ac7522e78c59be135a6b3e71b4d7eef69b5ed416db6235826d9eaaa90f9166cb6a79c0c90f1f2691b409cadf219e9262e9f7a80553b8377d1e55e93c0c0118e55dd49b0d10507b77e749a215c55c16f7f5e4d2ca8278cb585bad05b7e5cf575fb4bed93d5c90bf3418cb09a7c8ed95d8a652ba18ad7800403b72b39178cd04ef71eed19f0925a89e69b9760be36320c0bb698957804fcbb5acaaa70cd6609899c85494eabd42e02461fcb92999ee72ec51123270807e8810c7378940f3140c5ca0fb1b065d6542b1a650cb14066f7244de89bfb2c7f36d457c774f73d3cdd349af20a7577590ef53c03b726bfd58feeacbf4164072c314cd6120d07e5e1857a33e18873a8cd011e6f46129ce722cc72ab05ed6931c35d6c3e1d2ff2b564dfacb3ecc1d5058d7dc5ee243acbaedd0ce4f829b46d784a68ec624106a540d1fafcf71c212169271ccd27d9a952f00f732db360285c4ec4c2ce904d25eef5ebdcf1e703cbbffcd3dfa9d2a765e122662cc793f3ad96b79241279fc96e57bc70ed4a5854458c2d99dc92653e453164dee3e56cf0040b597df907c3b7e9a6a84cbdeb6b38f2821b53b5c17ac44d22ed5cf891d0ba47baa03d2068a5989444251d9a6232d422954cabe5f438f2427a8f55d51ffbe9dd8b8b6632ade5cfbdbd789575d1b1097ae6dc8e4d58f2a03280e0d349c8c2277669532a6e543c0362faa4a8ba7babd984c78b6e24a00814488821bb23499f8de6799024e6863fd24886a27bd2e5a82ff3c5e2222a30df0afe2ae945f851b1527126ac0dbc7ea1cd7c079e27bb2b1e853c51f5b7c4e1ef2fc5d63320aecb1ae6feaf391b5c130d908ef727d90cadf5058ea022eaa5f8744334413c73db45a7d44539751f2b0583bd52f6db39d3e26e2f003e88a9fc5d683b776071a5961bead3d49bc8b011ae78c3d205f2756d38c3b6a1d5106135777b5dd945fb69bc3c4ab9649ba9a7083a7c4a1fcb7fe3d2f3dcbd4e1c84ab3062f5553311d2fe7b24c75d76ac6cccb0e9ac632b5a075fa3cc3de902cd1ee5ef18487c2f7bf3aaa281874a9ef3ebd849a8239d1000e7e95de54e0c75223e812db4730796fc998bd6808dce018ccf73ef311481a857ba6280ed59503d4b50e44f01ec4b8489ed999f20ce432a1f4519f682f854013c66c67a9243bcc7e980bb03f98159f33cdd2e1667eb60e9447e27039af4fc37abb7b89ae2ada259a77d3b39cb5a1f2d761af34cb8b3e36fbf638056e415a336eaa51b1f8f3168a94ac6f2e41a29bd8800d3e81ecb0c239c7888f0965e9f6fe0b8326ca18e380bf53ec2e57e38872116c21465a32098eb13ef9ad32fc5c4a14cce31d75ba4401578616e8850dbe2e12c4232abab65e68a5406afc5d3d02b63adef81bf49d4790deaa345495f1628f2958f38ea4510bc41f45c4b17edb2d03223d7c8b1960dba7accb946a09ac46c71c0fd5cdf7b2da095c7165f5eead24d084cbc1934ed0954af644d38b468282356fc37ad8f817cd636dbc8b1839135d0a909fc1f626b5129482a07ae9372e9222ad5e10fb08f3dbaba251a14ef1040fce45497e597a9c2416f2875b2a2c70bae3c845966db02396f931ce9cb63c1789ea2a6cff1ecd9f5e7a6a851e28eb136ee14ce1f309e6cd1e1a38f5658827186e7a6c527288e133c514975922f4dd2868e644513d8e037bb7437bb2f591ff88bc916193d9b21139926278c35da40cba308f9e288410d1d0278864eed81998dd39934d8087b068e1a95e6c8dcb0ab223b0ca2c31f9518db33a74ea9b25457f7d7dafaf88705a62308c65e1705bd808f680fa9781e4185ede0c71f1575604fdb160f8c3d3fe12fd358ebefb24bc190c0df2781191ebb9559b566cb5cd019e99d158b4fb10397505bbe66d904faaea19bdab20024fda7c1e4f29bc73c16e0f83b9586322bbccb6d96dd4a2fdd649c41a4834893e0ee23bc17379143fbf7e9a2d3db8d56943ebbe7c95b8aacde6dce1b64adc4222c9369900da83811c5ed6ad910a98af05034e6aa30b08da88d0f125c7bf3e0dbe3a2553ef6fe9d3b8df3b932e7c682c60ffdcb73c2e45ecdde386a93eb52abf78c3331e8d9c67c96e7f0b63024e1473fe388a3619c4f6b22d114e066b3b7912235abf099d29b3d325e50cd4609c2aaed5af58b37a6133f9c8d6c97d28f7ff9f0bc0deca9c7bbf4da4eb2d8ec4554095b78a9f69c292ef63f8083feb12bbdf83cce70eb8c94b9e23ff561119560ec42d5709bde0469d3c3516fa11a79ffc50821dfeaeedc6118005b3650119b536b0cd5d8edae3dce9f6d678083b67abca8074630879c479a367211453cc28613f18c944ffa2211c56ce7f59034ac52caf732898e41ce3c64a092667590f05f503556cd1e4bf6d5e136f163197480dcc232d45fd260e476e8ea6bb2c3a1fe229c78d73573c83aff01386ec5b04095803e9603071f76d9ceac32787bb7aa9c2b0b89f551c77e200addc06d25e7c97e", 0x1000, 0x6, 0x0, 0x1, r4}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x7, 0x8, 0xffffffffffffffff, &(0x7f00000000c0)="b36759730f76c028dce0d1f7d8387b25f8c5b5ad15bd1c308ec021d137dafc076339ff24", 0x24, 0x101, 0x0, 0x2}, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)="666473605a97423ca328c94870288e42146785abbc9df32f96fc256551192b8a10314a74eadd1c4082d830a53da2e19fe34754d26f359db5380cfa4da5c23da89ad304988b2bd014cf3b085520024286c19c99e1144e69b016e4e9af544f4995f18beeb95d90de0449c708d08c03", 0x6e, 0x3, 0x0, 0x1}, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x7, 0xe, 0xffffffffffffffff, &(0x7f0000000f00)="9d2cd74e88db26426d8b32a50e774ba41c8755170980e040e337f0f29d4bf837323ad48cbd863587809a127830254307f40a1494f6b8bf5f15a95c047778bf0d0713670219f6db6e6e19dedb959fb2765bdeeb6aaf8fa21ef72c66ce614595d981226be2d06b897e44c0d0e74f8ad5f0189f43feabe9", 0x76, 0x8, 0x0, 0x1}, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x1, 0x2, 0xffffffffffffffff, &(0x7f0000000fc0)="c141c6c3970b0e03fa49118be59de00842bb7ef42bcc2afc38299743da234a48c46cec0dfc5cf32e093b3af1a6e7088dffea61669ec2861e47c6e6c0464f5f9aab8252ea221ac019457a78d1cdd7d53443393806fbd782dd894395a1f9d70adc6dfe241f8dfed88e2ab5e4", 0x6b, 0xffffffffffffff24, 0x0, 0x2}, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x6, 0x165, 0xffffffffffffffff, &(0x7f00000010c0)="986575623317db0a42744afefd67e85120e4128e4dac5572faba899ac4246996fd5d66b10405f68f47ab3888f1ccba0aec72789552a3e14ad94935dfe9d9db030c8b78541e60412d8613136f617099130cb85388c48ff48d57049f229a3bd83eda3faeaf52f334606d605d326164d49ce163069cb96604046b31df139c85", 0x7e, 0x8, 0x0, 0x2}, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x1, 0x4, 0xffffffffffffffff, &(0x7f00000011c0)="caf5c1c518d5b566748d3de50a01d1f55ac4ca1092d39a924c2f42c31e16395db55b0e0f79a2370b1da9133cda6426868c738e604a16875c05a69cb8c1972cd0", 0x40, 0x3, 0x0, 0x1, r4}, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x7, 0x7, r3, &(0x7f0000001240)="99c78c796c28bcada8376bafc88c", 0xe, 0x2d84, 0x0, 0x2}]) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000340)=@filter={'filter\x00', 0xe, 0x3, 0x4ba, [0x0, 0x20000640, 0x200008fc, 0x20000aca], 0x0, &(0x7f0000000240), &(0x7f0000000640)=[{0x0, '\x00', 0x0, 0xfffffffffffffffd, 0x2, [{0x11, 0x6, 0x6001, 'veth1_to_bond\x00', 'veth0\x00', 'ip6tnl0\x00', 'team0\x00', @multicast, [0xff, 0xff, 0xff, 0xff], @empty, [0xff], 0xfe, 0xfe, 0x12e, [@quota={{'quota\x00', 0x0, 0x18}, {{0x1, 0x0, 0x7f0c, {0x800}}}}, @ipvs={{'ipvs\x00', 0x0, 0x28}, {{@ipv4=@loopback, [0xffffff00, 0xff, 0xffffffff, 0xff], 0x4e24, 0x2b, 0x5, 0x4e20, 0x4, 0x10}}}], [], @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x10000}}}}, {0x11, 0x2, 0x4, 'bridge_slave_1\x00', 'syz_tun\x00', 'team_slave_0\x00', 'veth1_to_bond\x00', @empty, [0x0, 0x0, 0xff, 0xff, 0xff, 0xff], @local, [0x0, 0xff, 0x0, 0xff, 0xff], 0x9e, 0x116, 0x15e, [@connlabel={{'connlabel\x00', 0x0, 0x8}, {{0x81, 0x1}}}], [@common=@nflog={'nflog\x00', 0x50, {{0xfff, 0x7fff, 0x81, 0x0, 0x0, "f3278f2de6f3dc56a9c444ffae23e892e6e5f4b0bfb99c86cbb9d110b42c62feaaa530f6fa9e9dfa8f60eb88897473e82e60a58cebd0fc6f62d4cbafab5b30a3"}}}], @common=@ERROR={'ERROR\x00', 0x20, {"c615e4ec4d45cb3350dceb41a5fc2de20f219b726e186acf56f7c5878a39"}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffc, 0x1, [{0x0, 0x42, 0x60, 'dummy0\x00', 'ip6erspan0\x00', '\x00', 'veth1_to_hsr\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [0xff, 0xff, 0x0, 0xff], @broadcast, [0xff, 0x0, 0x0, 0xff, 0xff], 0x6e, 0x6e, 0x19e, [], [], @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x40, 'system_u:object_r:smartcard_device_t:s0\x00'}}}}]}, {0x0, '\x00', 0x3, 0xffffffffffffffff}]}, 0x532) syz_mount_image$msdos(&(0x7f0000004580), &(0x7f00000045c0)='./file0\x00', 0x0, 0x3, &(0x7f0000000b00)=[{0x0, 0x0, 0x8ec}, {&(0x7f0000000400)="b944a334312ea23e5208934584642fa9534f", 0x12, 0x7}, {&(0x7f0000000480)="768724ef0fbcc7d3c83b9a446516d5642bfe12aa9336df9b34cc8fcb39ff7af0b833a980b3c320be6462fe941b5f76b8f25688ae59f3bbb4024179f3641989542e2ce8bcc2e13936a73590feeab54f8dc0f897c06226af01e1ef3411314f73f5110f214bb46978d82062f1e9f7bd73501ab01ba5b46beffcfb664a63307d4b851f2441c5e3c7984e21fea284bb378902bacd0b9f103f93277adad34bd0db5d6035f2bdd49f70ad", 0xa7, 0x9}], 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="4aaf41318c5acb84cef9e3c72a7175a987a6f8750280c89e0dfd2779ddc53c4000af9656672218f551a71c4e40637916e62a571c72655b3dbd4cef51eacbffef8127b6ec700299f812eaa3854965abbe3ac424ef6874dbb3d531347b4b6af5f89941867baeb0b8b3e8a9f595916e041410befb8db067ae3c76be29f8ae45a4de4158b2bdf529899d020ca1ad5ff6c7027847eb6635c300e898595bd365321ce3e8974bc21b7469f3db8adfbb277cba87fb10f4fa47452655e54ffa4463dd41d92657a7015c41dc08f5a516166239aac9cf60e36b5b17baf4b02f8a56095d6d05bd2a7d95b7a0e435a73a2494e9b9bf4b5794354582e61eec2e02cca4e80e3af6c671020000005fd1d9b47578a299f4a357a0e6847ad1ef82713ec0ccbdc7341f795fb3781a6e6ac4e17b5a13e5f03c0c04f1d3733c2ea2ca933d212b0620649622a711bee0b3bdf8cce1b0304724007231cac74c3a96cdf84d79f574b0b3e44943ab30abb2d2991db73fc4bedae9e94998c7462503fff5602fe745d8c349256ac453e7332e4197042186a2a189451cf25e7061fe138d309f0a84f13bec76f3309da8871599c400871e3f53d3c3474d3378"]) [ 109.469905][ T9837] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.475811][ T9837] RIP: 0033:0x467b0a [ 109.479753][ T9837] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 109.499368][ T9837] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 109.507782][ T9837] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 109.515760][ T9837] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 109.515774][ T9837] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 109.515784][ T9837] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 109.515794][ T9837] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 109.613242][ T1040] loop0: p1 p2 p3 p4 [ 109.617751][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 109.623769][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 109.633854][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 109.642078][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 109.673008][ T1040] loop0: p1 p2 p3 p4 [ 109.677041][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 109.683048][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 109.691042][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 109.698952][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:42 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c0008802000020000", 0x13}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:42 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') 00:39:42 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:42 executing program 2 (fault-call:0 fault-nth:51): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:42 executing program 0: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) write$P9_RREMOVE(r0, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) io_setup(0x6, &(0x7f0000000180)=0x0) creat(&(0x7f0000000040)='./bus\x00', 0x80) r2 = open(&(0x7f0000000000)='./bus\x00', 0x145802, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x100000000) r4 = dup3(r2, r0, 0x0) io_submit(r1, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) r5 = socket$inet_udplite(0x2, 0x2, 0x88) sendfile(r5, r4, &(0x7f0000000140)=0x3f, 0x0) syncfs(r3) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000080)=0xfffffffffffffffb) 00:39:42 executing program 5: write$selinux_attr(0xffffffffffffffff, &(0x7f0000000300)='system_u:object_r:logrotate_var_lib_t:s0\x00', 0x25) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/attr/exec\x00', 0x2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)=""/163, 0xa3}, {&(0x7f00000000c0)=""/12, 0xc}], 0x2, 0x7f, 0xfffffff7) [ 109.799536][ T9898] loop2: detected capacity change from 0 to 512 [ 109.808476][ T9902] loop1: detected capacity change from 0 to 264192 [ 109.822466][ T9898] FAULT_INJECTION: forcing a failure. [ 109.822466][ T9898] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 109.835546][ T9898] CPU: 1 PID: 9898 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 00:39:42 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c0008802000020000", 0x13}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:42 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 109.844305][ T9898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.854359][ T9898] Call Trace: [ 109.857658][ T9898] dump_stack_lvl+0xb7/0x103 [ 109.862249][ T9898] dump_stack+0x11/0x1a [ 109.866418][ T9898] should_fail+0x23c/0x250 [ 109.870917][ T9898] should_fail_usercopy+0x16/0x20 [ 109.876031][ T9898] _copy_from_user+0x1c/0xd0 [ 109.880649][ T9898] strndup_user+0xb0/0x120 [ 109.885080][ T9898] __se_sys_mount+0x4e/0x2e0 [ 109.889733][ T9898] ? mntput+0x45/0x70 [ 109.893721][ T9898] __x64_sys_mount+0x63/0x70 00:39:42 executing program 3: ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) open(&(0x7f0000000040)='./bus\x00', 0xa25c3, 0x62) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') open(&(0x7f0000000180)='./file0\x00', 0xa202, 0x1) lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=@known='trusted.syz\x00') [ 109.894549][ T9902] FAT-fs (loop1): invalid media value (0x00) [ 109.898382][ T9898] do_syscall_64+0x3d/0x90 [ 109.898409][ T9898] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.904418][ T9902] FAT-fs (loop1): Can't find a valid FAT filesystem [ 109.908796][ T9898] RIP: 0033:0x467b0a [ 109.925119][ T9898] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:39:42 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) preadv2(r0, &(0x7f00000026c0)=[{&(0x7f0000000100)=""/93, 0x5d}, {&(0x7f0000000180)=""/253, 0xfd}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/159, 0x9f}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000002340)=""/208, 0xd0}, {&(0x7f0000002440)=""/239, 0xef}, {&(0x7f0000002540)=""/253, 0xfd}, {&(0x7f0000002640)=""/113, 0x71}], 0x9, 0x7, 0x5, 0x2) r1 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r1, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') [ 109.944868][ T9898] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 109.953283][ T9898] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 109.961304][ T9898] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 109.969271][ T9898] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 109.977243][ T9898] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 109.985215][ T9898] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 00:39:42 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fddbdf250300000014000300fe880000000000000000000000000001050001000000000014000200ff0100000000000000000000000000010a000500e000000205000100000000001400060077673100"/98], 0x68}, 0x1, 0x0, 0x0, 0x4044000}, 0x40814) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x89) fcntl$setlease(r1, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') 00:39:42 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 110.014951][ T9920] EXT4-fs warning (device sda1): ext4_group_extend:1822: will only finish group (524288 blocks, 256 new) [ 110.052893][ T9920] EXT4-fs warning (device sda1): ext4_group_extend:1827: can't read last block, resize aborted [ 110.175071][ T9951] EXT4-fs warning (device sda1): ext4_group_extend:1822: will only finish group (524288 blocks, 256 new) [ 110.194286][ T9951] EXT4-fs warning (device sda1): ext4_group_extend:1827: can't read last block, resize aborted [ 110.304952][ T1040] loop0: p1 p2 p3 p4 [ 110.309063][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 110.315076][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 110.322643][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 110.330496][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:43 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c0008802000020000", 0x13}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:43 executing program 2 (fault-call:0 fault-nth:52): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:43 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) readv(r0, &(0x7f0000001180)=[{&(0x7f0000000000)=""/60, 0x3c}, {&(0x7f0000000100)=""/4096, 0x1000}, {&(0x7f0000001100)=""/94, 0x5e}], 0x3) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') 00:39:43 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:43 executing program 0: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) write$P9_RREMOVE(r0, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) io_setup(0x6, &(0x7f0000000180)=0x0) creat(&(0x7f0000000040)='./bus\x00', 0x80) r2 = open(&(0x7f0000000000)='./bus\x00', 0x145802, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x100000000) r4 = dup3(r2, r0, 0x0) io_submit(r1, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) r5 = socket$inet_udplite(0x2, 0x2, 0x88) sendfile(r5, r4, &(0x7f0000000140)=0x3f, 0x0) syncfs(r3) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000080)=0xfffffffffffffffb) 00:39:43 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 110.680774][ T9972] loop2: detected capacity change from 0 to 512 [ 110.696556][ T9976] loop1: detected capacity change from 0 to 264192 [ 110.712851][ T9972] FAULT_INJECTION: forcing a failure. [ 110.712851][ T9972] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 110.725935][ T9972] CPU: 1 PID: 9972 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 110.734616][ T9972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.744728][ T9972] Call Trace: [ 110.748009][ T9972] dump_stack_lvl+0xb7/0x103 [ 110.752652][ T9972] dump_stack+0x11/0x1a [ 110.756868][ T9972] should_fail+0x23c/0x250 [ 110.761883][ T9972] should_fail_usercopy+0x16/0x20 [ 110.766914][ T9972] _copy_from_user+0x1c/0xd0 [ 110.771509][ T9972] strndup_user+0xb0/0x120 [ 110.775913][ T9972] __se_sys_mount+0x91/0x2e0 [ 110.780501][ T9972] ? mntput+0x45/0x70 [ 110.784476][ T9972] __x64_sys_mount+0x63/0x70 [ 110.789052][ T9972] do_syscall_64+0x3d/0x90 [ 110.793452][ T9972] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.799430][ T9972] RIP: 0033:0x467b0a [ 110.803322][ T9972] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.822914][ T9972] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 110.831319][ T9972] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 110.839277][ T9972] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 110.847230][ T9972] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 110.855182][ T9972] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 110.863139][ T9972] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 110.878067][ T9987] EXT4-fs warning (device sda1): ext4_group_extend:1822: will only finish group (524288 blocks, 256 new) [ 110.902195][ T9976] FAT-fs (loop1): invalid media value (0x00) [ 110.908332][ T9976] FAT-fs (loop1): Can't find a valid FAT filesystem [ 110.916915][ T9987] EXT4-fs warning (device sda1): ext4_group_extend:1827: can't read last block, resize aborted 00:39:43 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:43 executing program 3: r0 = socket$inet(0x2, 0x3, 0x2) close_range(r0, 0xffffffffffffffff, 0x2) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet_int(r0, 0x0, 0x0, 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_read_part_table(0x0, 0x6, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffffc900050008b3010000000000024000ffffff81000000e100000088770072003007006300000000000000008000da55aa", 0x40, 0x1c0}]) r2 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r2, 0x400, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') 00:39:43 executing program 5: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x2) r4 = fork() sendmsg$netlink(r3, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x2) r6 = fork() sendmsg$netlink(r5, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r6, 0xee01, 0xee00}}}], 0x20}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x2) r8 = fork() sendmsg$netlink(r7, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r8, 0xee01, 0xee00}}}], 0x20}, 0x0) r9 = socket$netlink(0x10, 0x3, 0x2) r10 = fork() sendmsg$netlink(r9, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r10, 0xee01, 0xee00}}}], 0x20}, 0x0) write$P9_RWALK(r0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r10, @ANYRES64=r1, @ANYRES64=r10, @ANYRES32=r7, @ANYRES32=r7, @ANYRESDEC, @ANYRES16=0x0], 0x12) write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="01"], 0x4) perf_event_open(&(0x7f0000000080)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x7}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x0, 0x412, r0, 0x0) 00:39:43 executing program 2 (fault-call:0 fault-nth:53): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:43 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:43 executing program 0: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) write$P9_RREMOVE(r0, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) io_setup(0x6, &(0x7f0000000180)=0x0) creat(&(0x7f0000000040)='./bus\x00', 0x80) r2 = open(&(0x7f0000000000)='./bus\x00', 0x145802, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x100000000) r4 = dup3(r2, r0, 0x0) io_submit(r1, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) r5 = socket$inet_udplite(0x2, 0x2, 0x88) sendfile(r5, r4, &(0x7f0000000140)=0x3f, 0x0) syncfs(r3) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000080)=0xfffffffffffffffb) [ 111.077364][T10015] loop2: detected capacity change from 0 to 512 [ 111.112453][T10015] FAULT_INJECTION: forcing a failure. [ 111.112453][T10015] name failslab, interval 1, probability 0, space 0, times 0 [ 111.123028][ T1040] loop0: p1 p2 p3 p4 [ 111.125070][T10015] CPU: 0 PID: 10015 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 111.129368][ T1040] loop0: p1 start 1 is beyond EOD, [ 111.137804][T10015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.137816][T10015] Call Trace: [ 111.137823][T10015] dump_stack_lvl+0xb7/0x103 [ 111.137843][T10015] dump_stack+0x11/0x1a [ 111.137857][T10015] should_fail+0x23c/0x250 [ 111.143066][ T1040] truncated [ 111.153088][T10015] __should_failslab+0x81/0x90 [ 111.153109][T10015] ? __se_sys_mount+0xf2/0x2e0 [ 111.156378][ T1040] loop0: p2 size 1073741824 extends beyond EOD, [ 111.160938][T10015] should_failslab+0x5/0x20 [ 111.165080][ T1040] truncated [ 111.169500][T10015] kmem_cache_alloc_trace+0x49/0x310 [ 111.174342][ T1040] loop0: p3 size 1912633224 extends beyond EOD, [ 111.177332][T10015] ? _copy_from_user+0x94/0xd0 [ 111.177356][T10015] __se_sys_mount+0xf2/0x2e0 [ 111.177376][T10015] ? mntput+0x45/0x70 [ 111.182125][ T1040] truncated [ 111.188399][T10015] __x64_sys_mount+0x63/0x70 [ 111.194150][ T1040] loop0: p4 size 32768 extends beyond EOD, [ 111.195963][T10015] do_syscall_64+0x3d/0x90 [ 111.195986][T10015] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 111.201278][ T1040] truncated [ 111.207576][T10015] RIP: 0033:0x467b0a [ 111.207590][T10015] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 111.207604][T10015] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 111.279813][T10015] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 111.287784][T10015] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 111.295799][T10015] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 111.303814][T10015] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 111.311784][T10015] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 111.395792][T10040] EXT4-fs warning (device sda1): ext4_group_extend:1822: will only finish group (524288 blocks, 256 new) [ 111.408653][T10040] EXT4-fs warning (device sda1): ext4_group_extend:1827: can't read last block, resize aborted 00:39:44 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000", 0x1c}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:44 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) r1 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r1, 0x0}, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:44 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000000)) sendfile(0xffffffffffffffff, r0, 0x0, 0x0) 00:39:44 executing program 2 (fault-call:0 fault-nth:54): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:44 executing program 5: ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000080)={0x7, 0x3, 0x8}) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) write$P9_RREADDIR(r4, &(0x7f0000000100)={0x68, 0x29, 0x1, {0x7fffffff, [{{0x20, 0x4, 0x3}, 0x8, 0xfb, 0x7, './file0'}, {{0x0, 0x2, 0x3}, 0x28ea1d95, 0x81, 0x7, './file0'}, {{0x10, 0x0, 0x7}, 0x4, 0x7f, 0x7, './file0'}]}}, 0x68) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000007, 0x110, r0, 0x88d46000) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_read_part_table(0x0, 0x7, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffffc900630008b3010000000000024000ffffff81000000e10000008877007200300700fdffffff00000000008000da55aa", 0x40, 0x1c0}]) 00:39:44 executing program 0: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) write$P9_RREMOVE(r0, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) io_setup(0x6, &(0x7f0000000180)=0x0) creat(&(0x7f0000000040)='./bus\x00', 0x80) r2 = open(&(0x7f0000000000)='./bus\x00', 0x145802, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x100000000) r4 = dup3(r2, r0, 0x0) io_submit(r1, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) r5 = socket$inet_udplite(0x2, 0x2, 0x88) sendfile(r5, r4, &(0x7f0000000140)=0x3f, 0x0) syncfs(r3) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000080)=0xfffffffffffffffb) [ 111.513576][ T1040] loop0: p1 p2 p3 p4 [ 111.517914][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 111.523944][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 111.531560][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 111.539383][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:44 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) r1 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r1, 0x0}, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:44 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x824c3, 0x0) fcntl$setlease(r0, 0x400, 0x0) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000000)) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file0\x00') [ 111.578140][T10060] loop1: detected capacity change from 0 to 264192 [ 111.579916][T10061] loop2: detected capacity change from 0 to 512 [ 111.610152][T10060] FAT-fs (loop1): bogus number of FAT sectors [ 111.614651][T10061] FAULT_INJECTION: forcing a failure. [ 111.614651][T10061] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 111.616344][T10060] FAT-fs (loop1): Can't find a valid FAT filesystem [ 111.635995][T10061] CPU: 1 PID: 10061 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 111.644795][T10061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.654849][T10061] Call Trace: [ 111.658127][T10061] dump_stack_lvl+0xb7/0x103 [ 111.662744][T10061] dump_stack+0x11/0x1a [ 111.666916][T10061] should_fail+0x23c/0x250 [ 111.671421][T10061] should_fail_usercopy+0x16/0x20 [ 111.676505][T10061] _copy_from_user+0x1c/0xd0 [ 111.681099][T10061] __se_sys_mount+0x115/0x2e0 [ 111.685776][T10061] ? mntput+0x45/0x70 [ 111.689758][T10061] __x64_sys_mount+0x63/0x70 [ 111.694382][T10061] do_syscall_64+0x3d/0x90 [ 111.698808][T10061] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 111.704708][T10061] RIP: 0033:0x467b0a [ 111.708593][T10061] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:39:44 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) r1 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r1, 0x0}, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:44 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xa9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_int(r1, &(0x7f0000000200), 0x33000) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x400) r4 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r5) sendmsg$netlink(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)={0x61c, 0x31, 0x2, 0x70bd2b, 0x25dfdbff, "", [@nested={0xb5, 0x2a, 0x0, 0x1, [@generic="87f4f83bd5059088922b9a6685af8e572b84c6442f27b2bc8003e62e4e288d01040595381563784db893ff02ed8104c5108d6253c26b42ab0daf559fa98bae644342d4df1d1b8cb4be2dccd754ab577245c28171d164ce4d7813b0c6ad1e2940ca822f0501e5642faf68e549a520cd69b4fc9bd6fa105bdbc2061cf00b1854d6c0f083f10d80cfa7b88ccf3ada25c64ed61dfee46c1d1ae17c63fe05ec239cc8e8621ac6ace18a7cea", @typed={0x8, 0x65, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}]}, @nested={0x362, 0x49, 0x0, 0x1, [@generic="0bc6c8a09628b5a5a1d84e3c7cb321db6f6cc150d7fc4af779d1f39756d83eafb267183b352a27eb86ef0c5c5199c5cc5c9ab07aa6a0bc20580d1f1e32c3233b6d7aad8ad8331263e36e801dd1889fad32937c92f08983f506bad839173a822caf80d37ec6", @typed={0x8, 0x46, 0x0, 0x0, @fd=r0}, @generic="6bb8cde955058f51802858393bde159e922f318a22e0fb08c044a2e38246ae015c2c0b10ca560ebe775b5c74afee4d4fe1033fabc01c1fa45e660316457b45d5ba92803c31ae4dab1074147fb51d7b55948a843831ab424af80911004b39f21c734b57ca1bebc699030a14720960dbff2edcf19509eb2d9fd4510d3705716101fb99411fbf2a797f795e3734d76702061a5a87a6f15eb7eecc429d60f9bf6dbc90405040022c9554c1bb04399ea15fa82d19badf1fce853fe4615778b2e8e5be597e28cd4386d194f22c76", @typed={0x8, 0x90, 0x0, 0x0, @ipv4=@multicast1}, @generic="2ffb092ebfcfb8ab84f0172ec1d462600bea5b50daa09a60cf695b8f800d7969319408d4b54abb70c55ff2e98270c2f8b3fd65dbf745e273a81057e827e10cfed1e02d3419eba322b7c3b6bd4681b84f9bcd68488bdd280fe88b13b1855ce6055c607a452762b35a50f83ebf1f0d26632b13a4a7cf0841fd3d8eeb874df636bfd857c18afc9970213f4365fd8297f64f7b56c2cdabc4814299cfdecbb174b82d4adef43966dde5930ba0feee34d2bfa2bac134a0475b1257750325dc1b8497cd35f8255b580f87e9023f", @typed={0xfb, 0x8a, 0x0, 0x0, @binary="a4d9daab21cca4013181785e84ed9bb9670b89b896a473af1e41b66df28c44d1cd57b553d243866739ead47c9552d0d23015cb35657b2412846f32466157b1aecf981ef5273812f29d2e96b238083452caac9331b6a7a70b42e826b59f5bbbf35aa55717c15e24be451d213d9e53ba8534046401a56b349255a18e96d705f29117876cc1f4406363f0dafd4a3f24515d4f45b66126220e4060063064cb4e891796692c5310a080b30f5acdb17878308a733bc10ee693937bd9ce1e8ff81436d7288fc8a2ab6223610643db9832fe9c71ce08f08c536326ec8929cf15a1facd428847e0253eccbd1e939339c3b9ff3d7a7602ee9293a7b2"}, @typed={0x12, 0x13, 0x0, 0x0, @str='memory.events\x00'}, @typed={0x41, 0x7d, 0x0, 0x0, @binary="b76a9a358c8cd18e4d76b996e87a4d9f90a04ef292c4a5f7fda5d3c9f1f672916effe7b2480cb06db9d2d84b7053dc57d9db0151b2d0a75a171e6b5fd8"}]}, @nested={0x1ed, 0x64, 0x0, 0x1, [@generic="11d6762d4a274a7d2d5144a1b2b3237fe505e4f553374a97c0790deaee5188df0852e5ddfcfc6cbe91e033b260d032f1b20b6e2538523b09349b752cfde9a685ca82b28e4dda6f61f8d3223f62", @typed={0x14, 0x7, 0x0, 0x0, @ipv6=@mcast1}, @generic="6a1e3d7cba5ce5ccf06f26484fc3ccb18065621f6ae2be9276669a46274ff617d9176615ab49702e2c751c40f5a53ca1311d7c8cdd2bb9f664d65da70c82b7002c217f2fff69beead1040e741239220ed94f87316d0d02e1167b56aa5835955abe01540969df5362d66bc5c7b3549e29f41b4b8dc5730e954d85d9984501e52067fa986d89847f807d05d5c912e25f3573930f19726d16e443432551bbf8450bfa3bd92b962abfbd6e87879011a0", @generic="f18486946e01953c09712312f96707f5c36b6c1edf28b3dfea904b3e00ba87ee5b2c656a4d2f43cd16438f034a7fc55a29c4fe0c53ce05731269ed3fd8901b5d2c728ef577738f0ebdb4c77de4b9689b50d6c1cf20450ff1d46963", @generic="5654d653cfd25cea7ba3f662b760d62f8ea6c0c9c50f44e009d29bb8f8966d05583efb25a775b17ad5f97bff33d65ed18fb1d29d", @generic="f96b6edd07e81a4743c6e6c0b4fa08cd884de3e53ae69da202c4ba3b72e837b1e99a131418c778612522ad2227419393af6804d1390850", @typed={0x12, 0x6c, 0x0, 0x0, @str='memory.events\x00'}]}]}, 0x61c}, {&(0x7f0000000880)={0x104, 0x3b, 0x300, 0x70bd26, 0x25dfdbfe, "", [@generic="44c6cbb64c8efdd4fd49a888fffdfa8125d48601c53a330717f6dbea5e7a87326b54d12834644da4622489700e6346350866bcffffea272d61fa6323edfb848e6c456b3e68f14bbcfde8379dde2c34a29fd81cc1f1bc600255793008394ea135cb14076addcf6be25452dab5145fa7bb30cccec8a80d832a141830092040b12feefd627fea3e6d10e4f67f148b23c0aeb4f45020dbcecd9e3e952738c341b45ca0556d8a7a1a4b312fb870f6ade5243c6f56ed9a78bc092e89a96a53822a1c5bdccbf5446001ae5b3f166f78fe391437d28a03c2dcde20112ead8c9c66e1e54db695da4e11a8abf4d0d6c6481c99333eac73"]}, 0x104}], 0x2, &(0x7f0000000100)=[@cred={{0x1c, 0x1, 0x2, {0x0, r3, r5}}}], 0x20}, 0x1) 00:39:44 executing program 4: syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(r0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000480)) 00:39:44 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000240)={'team0\x00', {0x2, 0x0, @broadcast}}) setsockopt$sock_int(r0, 0x1, 0x1d, &(0x7f0000000280)=0x5c1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20004091, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$inet_int(r0, 0x0, 0x0, &(0x7f0000000000)=0x8, 0x4) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000003, 0x110, r0, 0xdb999000) setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000040), 0x4) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000003c0)={'syztnl1\x00', &(0x7f0000001080)={'syztnl1\x00', 0x0, 0x4, 0xfe, 0x9, 0x4, 0x61, @private1={0xfc, 0x1, '\x00', 0xf0}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8001, 0x8000, 0x3, 0x81}}) sendmmsg(r0, &(0x7f00000031c0)=[{{&(0x7f00000002c0)=@pppoe={0x18, 0x0, {0x4, @empty, 'ip6gre0\x00'}}, 0x80, &(0x7f0000000380)=[{&(0x7f00000005c0)="92047c158850073b02864ee1631f44b6edc7660871141c4464b86fbef49e93c4471ccac225460ea07d9dece79cbf308a6404aa99de2ef970a70c98f009d92413dcd7c5df648a7ca91cbd9c536017bbb0ea70fe218ab8f059731d851afef8c1052b934c6cce51f69e17edff077f06c737136600483a955c6d4d04274ada6d9e4c7be6035c39fe1435884dc746ba25cf69f0dcf86c9058bbf2377418fe9350a4075989f4cd9e857832d318234bb1cea3ee8a5a62d8f555df608e45340d416b56d1f49b87b0e4bc5d18cfbdc6339495f7400ea9ca4163fbc2afa805727df4c89d71c8e2de12", 0xe4}], 0x1, &(0x7f00000006c0)=[{0x68, 0x6, 0xe0000000, "366b6faf09aeb7804facc9210c2f75d236f87f340370a6410f27e6d03388adb470c88a617b32fbaf351b4bd6578de4ebf0f97e902e3ef5042d0ee725c2e64af10e96ad1477a6febd7e6ef2f8be890bc39b"}, {0x68, 0x1, 0x7, "224a182c1e81098a3dfd6ce1f3a4a48c3aaf768008da62b5ecea376a2fd228055eea5b91981b08e0193d76166e9ca5e336e317f769b02b46e52d11ab8342d8e6689011bc5b341f55872563b92e99241fe75c9d6f44704c"}, {0x40, 0x105, 0x5, "8116735d24016ba381f7d9e81ca683bc0302a266d3b705dfec5c3a2614f48a1742ee3e7ce7b1f6ae5d11edf187ed2df5"}, {0xb8, 0x119, 0xffffffff, "9d475857ceaa455e5145720fddab7217157bd0270ec48c1c55264e410962acd82230d413194b00df5bc0c831d9f2fddcf866631682285cb66d931d05ee0a1f7546211adf738ab8d3a8904db2d6655dafbc6f6b807c4b30df2e9abc4d0da2cccaec3dc2b17d05170a021cb6dd8d405ce10d7078d337d369345a8390d91e618b26a9916cf242208a9c4d3f1b24aadfd5fef41945cf2010a2a03998a5cd01da3647f800aa8dcfc246f1"}, {0x108, 0x0, 0x100000, "9b390551dcf1da867b75df84941d08e7555f9de46974ba8077246f6ea4449c4f686afb3bee6aab01fda0202f0d84043d97ffd320bc2d29c6c9d87290da8d747bec52b26ffebef51737bd5a78ca2662e694f158866ba861ea4665b0f7d04c246c2fbd90245d965b8f791605a0d53200041a6c7de36b834f4bcd02a917cc5bc3fe075ef82a7e8e656d88f51c06102e57e5231f6516989082e2d2bce70f04f9f22bfa0239a7f9f54491915dc947f37f3e2a9d674b9e4ac5fcc4221b77b55ecee0f3d84d038151ba4d33816b08f341ab5be587dafce5e50b0b1910c142f468c480270c7a95cccf4a63a0e3030cdb3f07b66b01b137e6"}], 0x2d0}}, {{&(0x7f00000009c0)=@nfc={0x27, 0x1, 0x2, 0x4}, 0x80, &(0x7f0000000e80)=[{&(0x7f0000000a40)="121d42908eda5ebc791f1a6bbe449388f030c253d054ac25b0494c74cc8fa02ee88372db552ce0c16f9a450366f09cfca6472b1a06e93ed44a0bb158f96b9e30d7217207f72422af46d1e1795f27c3d12b043e4727ec27c4538875a927516398c953befbc8de8d347896bc895cd934a36aed2482c2", 0x75}, {&(0x7f0000000ac0)="71e2f6342e0e49017aef0fefd9dba0525e10e34afb676a8d4c7315f579f085438b70043f66d3a337894c47abb7d6a0b6a9a6d9996f0244ca47f28e99df5428a89d454c4bc9781ae1d3330eccb32aad4b0f79d26c09c3d4b79bf56d19ead3162a8f56e35cd4db4e38fab50be37ea6afc14f9f73775bbc52e74a304bf334babf40ca83f2789c776d2ee5", 0x89}, {&(0x7f0000000b80)="b034c1c3056e38bbc179ce2ea96da1d269ad3beae322b1865e01651d253d6fde787b338123a4629143ed9f43cf211b18a856061708679bef9036b2e2ee809e63f9db2128a4e12b610442603a69dc724ff9d1aa9d2526557696670e1931c9e9a7bce16d9ee8c2f71aedc4a1cb02c58fad6573df8bd498c6c90d6016cba33e0ee0b0ec1fa862e373d1c1a28a36542c5e0eadcff3d80fb988ad70", 0x99}, {&(0x7f0000000c40)="7fa4fa809edadbcba83b67d48c8a3fd3f41a70a44213661accae46afcb6f065e37c4d6fa1c2e9ff5ab465d18a78c76223fcc5e8c5b189836402c7fe29a61a9f7d7000c06aa6db5e8e77665e856c607493a335d04d8c337411f19e767f799e6f04f96ce96b8307fe25c423951467d6b467ce9095053fe68422f0e6279661c5e5608a65286de74c74bac2517194ade287198bb0a3f28db1b1785307fa298fa58a1f40608c8351c559eccbd539558a81137c5d05346e4600082f0e7cf6c5cc9b77357ac6c0129578e23bc3f9113ba29f0fe4af41cb9fc68061de83436c3a98ef3894e75a0e4da46354e261a9b2cb9a95cbd13ce5914caeec169b4133c6c3d60", 0xfe}, {&(0x7f0000000d40)="c7335632cf7e3aa9f132e8d5342f7903bdec216dc69e2f541ee48e25ef220927b3153883cf48deb18938a2880012714c5b479852fcb810d8a27a8b26f18df1114ebb3768fc6bf64623767b4904eef56becf685f630b040", 0x57}, {&(0x7f0000000dc0)="cbbbfafd919582df14db797ae1e7f8b256693c642de2dd2faeeae1d81c27a88d02c9615e3e798bb6bd7b014978bc027a6c3d3ad4f94c75c03c59f49e56a28f82ebf599162226a49e88e5d89d6ab7f9a7db5eebe2a3d140f93c83f45c2021be36f00cc6d7f7bfc469047ba52405f029a291e62bf761e0f97fd6ae654172466dc5ef141f47163cbad2953430ea2ac24ac67ab149d2c2aa6a8d493be15e3eb6c10a2c636c8c4a3eb23252f0eb17654bdf7540ae9d9a3c3d", 0xb6}], 0x6, &(0x7f0000000f00)=[{0x78, 0x1, 0x8001, "42ec65a803db6487f24c39d253c6bb25ceb6607bac635b1d76775246039fccb5b05a3cf78571a51af44b733c2eb027e21e705c69065cd47bb0cfd1e7d997026d9a656d9460d2fc597cc0bf4256fbcdf2ab06272128419447902da87ec5709a9cf2"}, {0xd0, 0x112, 0x7, "358e40839d0ad81711d513388aa43ce414cde632abfa587c6aaa0fdd86cc0878d8b2fce3515583a8774c1d19bc839e609f7545dc31399fd6b26c03d6b8625b0f7d6d770c53e0c915bd02e4e8531352a209ad4582ff07327f5d4a75b1ed975e8610cd3c91e0d246fafa7150476f5a42ed5f750aeac6c8b233c365907f2afc095762d474a4521a91f916b2f06d074d1a4cd20a6611f2e8aacb4084b60029e3f21222f340e398555fa661110af84cbb2810e261464f099a6f9b3bc2e2b1823712a4"}], 0x148}}, {{&(0x7f0000001100)=@ll={0x11, 0x1b, r1, 0x1, 0x95, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x9}}, 0x80, &(0x7f0000002400)=[{&(0x7f0000001180)="dbda73bf0e694dc193451ffe61f05dd9decbb686de968690be4c5ca4558ebfe043823fce75c76fd852e9cb537d1a4a7ba9e45fb88471cfdfd30ebafe69021d4b4a57aebb07c1efb6b8c1b1a0e932fa6328ac6b6317849674bcd7f55e30efab33fe01c8f1eb67807aa5c6284696a8e127413b571f5327f4db92fb34bb9782a3c12b3308fa7328b8d61c20206843413f07787caa9a91b65c5ff2fdab2639a372664e373e4f49bf7fee6ba629f77dd4ac088b6a6b54f2902f8ab6bf86f39cb133a2aced9ed3ab063deb0d", 0xc9}, {&(0x7f0000001280)="bc220ed3d04b8d92423430d79cedaf8ffb9a1a3f984efe4f04483016dce2bcba4e7f0191c61c29760305853d4597b5cbf531c52a2fa1a13a7ffa56c1c6840d8e2e5db5ba3976766578e6b52a4b6ac982832125ec196169c15ef6a85ca3f6d601e13aa38cc6762e3926f1321ae8306f985cf5f2fc788d35b43c2de81bfdecca3e9dc9a192912688e75bde745bba8e7a13fcf8af67db35ff", 0x97}, {&(0x7f0000001340)="419959a52a09b1d3f859788000cf246bc5cbf057b4c0a51db9af64d31b29664d22652bda6b8ffd85e119cb15fad0ada6eb1d679b4b1c729aa4147b1ccec52c8acd0f4f5f04f84186767ccd5f2a26fa150003a46bcf0ce98ff6a0486e03c0b398f24094af0c421cac9494e8fcf63842474100cdbfcfc5a9602ffe332d2b129bb13a161d7747dec0b34bb741aacca8a1cbd76a9c7360299d06271d9bd82255fd8ae1e03c46e82d2c4516f7a3349647fcbea54732e7cadd57ff8f34921b5d6e9eca10fec0e51af06093094c094af654886e77b59ead75841c9869bc48a214c62a0464cd753766e11b3029c6ac060609e9d5b2d9e1fbed7f7592937d6c04e69751a99f07a1d98ddb035ad28d3292bbdee3b3bdffe5b54a7f9870b33cdcb74e7597944418b4bcab31daef996394c38ba09a352df574e6d8d4921ad12b7079d101929c5da3de183c344e6cfecdc0e780e649c3ff89e645be35e8edb9747d9551158e7b8fa6cacdb266b5cbb638dba08e56e7a873843cc96aa4c4bf6ebfc7f1f66a60fa1d5d21ee281207e968a87bdec8bcc8f7102c14c89e8182321a9aef7ffa166820b94210c66bddfd4a0eb287062c14e52d1497a0c23a84df5fe7c2e54107424d3aa9b394bf7e860065d25f8020ad9fa3cfa1acec6f75158a7bd3a19a0899fb9db98554985a68c4041d2a30d9721917ccaf41aa642a035c13e05a58674e4185044096795eee8a1cdd2b4ccdf3e3695e7d07d4ea726b5c10fc2947ebef9b531ad58b1060f6bbb72bba3bfd7ab30af17567caae2c4824540727cdeb11f0ca77c8ce83502ae13e25769d33ad6252f9612de006f81732582c382dfed4da02bf34ad128a5c582e104f7008e14732f47d65768154467ffd7e8d57836e7b1a0bf7c9f4a30a0e9e5ea7586729a5d939d5c1c2a4114c1785f96c0a9badabfde3c54aa3f5479507608c18c1df07f8aee8f919a6f52b68245daee0d3546cf3ea57218ac6e0acd76ea846ad05563173f4d0bedc7a4a898f3a7773638528e72f64068dab324951dde6be23344d35c9d533144c67b03bc6742321c8f88405cb2b3bc608fbc716a1ad907ef14c582fa129d8fe8cfd953d43a987c86028cce11b6c60dfe8515208288d0594d08c5bbda406755036e5f0dc884d41ae0e6c3fd3c423f8461cc7d11b79cc972463ae066f3750939718f6d3619d815c3226cfbe9a0830b11a663890b2d7800e99f1bf343092ff8b076cbe9e1761cf8a410e7890e8e0bc1d23e943f3fc0ac56cfb3ca9b068461dd10fdd9797632ad1ff8284377ceb82fbd149b3a7c354406eeff69e35a15907ac78bdcb4530edb8471eeda64b4ea9ccc06c2c7d4b2f3470ba0fee2b60468820232bc5f7afe1ae891f5caa72b051c916a033bcc1b546da44a7ed5c659b768c114fd7dfe45568fb41620afa86c2b5d068e46f2294467d195b7fb733e833d6814fdaddc3cc340fad43b64430412bd1388f88ecbd40933fe377ed5d1c88deafcd47eecce00096f1f5d8ca3af20445a2e53877a80f59d0e08e950da1d909763144f0ee53d2b936df9dcbba76fc4e670a195092a9fae5597bd7a134fabb21b0eb9cc655fea4fecf970eb9ac6a80044dd03159d9eb7ba3c0d874a3723081fdc5a34a24de36d12edab85ac7b9f1b42090b0d735322ec2d9555f66e77bfbe1c1a9ad1a1e2f5d234314d5a35b3886214fca6ece57db867b7dfff34278149f4dfdf6bb568a13f261a9e2c1b088b73a0d6cb8b8caf79b3e37bcc1a485b997beba52cb187b6eefd9097d835957265c2ce6c9703624370e339d2a884baf9048c2971348a1bcc817cc693c3a3ba8817fdd6513bb8843753a32ff4d9315bc85b25f8bdd468103ac8458ab99baddc872b265d0800d0696fdacf45a8c33e042d3bf885d26527b6bbb6c8cf4770a0ba702b82f69d28d7cfc6f2cb45bcd814d814b5b396749a797ab43289035f87b97bf8129fc5ae3ee9207092634e7f650d8bf9bbf413b0d600a7437cf2a2160949d60c1e5203eed3d98676e1d24529900f631265fdd55632600e728c9c947b8adb7fde843ad21b08044b64bd04ac35cd4c7ad2369d277e183fa00cee3e2f3391b1755120356aec68ede9c12a837dca59ddfcb76f5b276b61d21ffe7c9aa1cce5425ce56b81a42f2ceb69a763f398db141d89ac61653ca1c6aca3ed0b0cbfee25a7604f6af3569e261f16e7d354349b46b6fac63916e09c65a44a866a1ff2aae2f429edbe15cd13c2f0f97a3e0401960e095226f5f0ecb6cf79a18e5d58cd9b0f42e22a4ddba0f20db22e34f2a8f203af4236727baeb179ca80fccd64def8190dd2e9137908c7a931adf263430e5d1c9385e0facdf45853992bbd9f5d607357de745b089d5b14681af4543ecdfdf84f24122326e62bf29b51e818956c2efdd89789ec1ec9c5b2cbc6e40507ad1c3afa134855931e2fecfd19c1c0a0b49754893f3e2815a8ee9d6c4b1b554dab95f85b41190bbc7428453736ad9027a487966b75df7a78467aad20766f55631168c83722eba0c49519adbeca0e8d5c9d3637ca187e533d24d38a3958a39221a572b48fed69def1996fc335f9eb87b817097ed2c761cf7639e9edbc17f253c43a5d8bbeb53b4fb35999caf9c54ab7e877de9bd9dba38bc7f9c46d73ba31bd2261872b661fba4be6a6775cd57c198ebfa1c94cb5a769da5e70420ffd324eb8406084c3d14a699b443961b69c1141e8cab8cdb7f8ba700d0c112b0c6934028b886e93093685e2a186f1233d798fc1b00af78d3568efde825eb9dcc91b7321bf0b60b1ebc5fd6fae91c2504a5d3531983790b07bc2a38f307822e3de2bd64a3263040306b986bb37d409bcaf736cf26ec2404dbbf19527251a0e88172900cd2471f9f9b1366ad8e1d0662bd0df9084e1d1ffa5e4431292ca250f7724b5b305634a51497bf506934099ca5c41a278f8a0706fd4b6564162bb0f26f44c3c23e3bcb24b94d3c8a0c4192ed151554f8e27e0d06edc1a70f11220ab450dc8f7d53ee22bdc00a9bff7554fed2d266624205e1ec82f2175511d7ff9b6da0d0582f482f15203d654937c9220136550de65a17cd52250532fb6c574474969f685799d0acc26ceba63c5f20c97030cfdd1cbd2d580e8d12c2e0879680cef52a2153b2bbdf6b2b3e980e4bb26510dfd7b5693ac6fff13da58cae998d673179a8a098bfb37a4eb35edcd0f48848a0e6c8b37674783d98fc3775ae53dd1c3d53f1e14ba67c1312cc0389cd013c84e0b45f1237911195280a0f7d248c046e7bba618e797b3959c8efe3aaff78b6825d854ec644e7783b627d1a5c2ab332ea8e97867b89cbdce465c165820076f5d1f3f277c3b82d9b41b5139e1f049981b3c6fa97e81dbbed39af23927133d6ca1d6c5c4e2bc82f6628b7f6203dac22e4a8274c0b76fbed7b28fb44ae3b162baec718316ad430f6e7c4b186b72b92bf53c1869fd530cf667f5310f7fec11e4e20527a0e324e04ab444e343f55a944f798dd490d76a718bfd8ff7f2600c824dc2c54eb366bf778154ba6da87bf0af385e8574c14ffd6888e264a05fa89e2a1543242aac8951261adde3f25da8fde6777f55909b2968e46b69d31c3822ccbde0c7df68c5087c97a47c27dc38a9f5a17cbea61707e80f1c96aac024b3428cbdcfb86ed8ba0bf0662cd95bdd2d3f6a0d4386cbd058bc23084a88a9e6ca2ad85f59567b02a2a627db259f1c8086a9c249c52e94671db74ea53c4ffe36155afb185b2289fb929b7a4e225090b59aa81d6a25c026d6d64ce9987f9859acdcc8de08d1557ed45cc10259d8b78822ef88f14a02c575eb988762d966f31b2e86ad3f4b59e01e6ae9bb52a29b2e48c5afdb8a5d12f712b07caeac2cc5799660cf44af0a8b94b96af1c74d9e91ea1c482723e55d9fcdcc7c28b07c326c14461c718ed0941bda8ea8ea222e630a05b79700b2d844ff899a7d84930ecac3259a0ab1081cb3e88416689d98fb34b740fabbfd6450d53748d4cebb671db7c36272ea90223aea6c930fa414734ea2b8f699e3ff1c0d6656a62b867344057c61648e37031afc7945c800ca3cd3e39a5fce6239ba4185cd9d2b2a5041c0cad242f6c04940cf36926d9d7cafbd1edac7b655a28ed70d3d43d8920a4591bb731201c7ed2fb3c55814f58df5ff3bc2a13800034e818e828b794c0ffe685cc489af17970dd43937b908a95fe4b51314b2e5b31b0e7c68689d88e3751c7e14584d2e517ec94afec6fec7c9c4cdd8755f6b2f13380515c2d31f6138d6273e2bb9270c664469c0931ad548088c3f4f92d5f37ba0e86f6e77f437fc8957e2e8963d3f24cb0f46b706ecd4cd36f4b13b50b983598f0808ee001b9c5c2d6658a730080a87224738fd2bf9e69ea7fc9788257aeeaf0c7dc02b6690c16348f217c0f411ebd7851da6e99c9d4622b98ac0c80fd47a204a5566ebe000f173e89b689bf3a5c85f0432eaaa5c86ff66856c83ef58be687f5e7ac2f8e34670a34103a47487cc2b7162867a55c153bafcfc477ac4419221affb6d951a5f2dc29b9bc15e4ebb6edaebc0b9ea08ac66d1d4dfc702a10e84afbf3e3427947e0b818e274dc6f26c61b9ef25a15113d75370f8ab7d60af099ea67f8ef22453f31c311487e0aba4156ef7eab77ce4d1de90dbf0c6a7ba840f3e12ffc3ee7749598454e81d8e77d7d705af6a6ebc16e60bb73f81dc97c2dca3e8efca4313c4e6929149e7b449b53dea0cd648d32578d822af2627f0e6d15a7e7da69c713e9f60110157866c6478c048a1ad5ac3528a41aa3724ed4dc79b01f31274f5dd3cb4a7ac74e235bc53f8456b1eaf3d45e46027f3fcb4d9f80f03f624feda7f9ffefee80ebd5c26bf6a3b4f4676762bd1d155631b2e30dd4650b7c8f7d66ed477fc7a7971deca11a317cdfe08570e931489a4a8255b971863ac9b9b22aef93aba22f3944a22246f000a175471d956e2b5fe7d7853a49def1ba3ed840147296044d830281104a7599ab5b3026a8cb0b8377c11e8194b3126a28defd766c69707ee05fe63646a1a27f0b500174898dd2a96c1c2a071129d0e47f2338aec89fb52756d387f5ea94012f6f915d734f11731491c5ec3ad815903bc82222a8d453be980e84b3bab42105efe18250d03958a1ce0db0f227af65960129bb41b963c1d4e3322b10235e233ae3520a0214f22474ff513f3bb947132293a7d8f58feee782e355ec260339058e23050b6340e3f75fcb6d8fc1ae1f54bf41346e260ca35258299a1fccbf3ec9189df6e21abdae3adf3f21ee60706b7f1839c63efddc2728748e87b7594a926df8fb3cc488f30eafdfd6da4dd502b3998b9db93e97012da58b56d88f750ced457eef2c01875402cc89bf6bf2e018bdc019391157a04948c3cac25cc867105ebd6dcf800dc9b3641b257b1d80eaaca364ef9ef03661e9be8480b5ece5630abf290b44c0ef4affc96791103d6810fd2dfa1eb9067981f75eb6096236d6051efdea5e0f458364789752ff36665ba29dc7732d706a8ac243b26954e0b582468b6dfde66ee8a638b1145968c0a4a18ccc965640035f80d441a2efc9a53ca0a865cde68e662efab6955d5375b53ae26e51f69c849d901ab24b1a4cbe73b46390d2c398bb8689c172b02678fe8d523e3a6f318c9df416a6014ce4fd98b30a6c6827bf8edadd794b94afc61bfcd3d589369916df0d78eb7c26d7e0b5a8dfc5c8cdc0d7750481406e33fe688f62a86c2ec028f0fb1ae3faa89104bbf01308861389fd055eda4bb5f03825b931f4135ca74bbcc9cf44a79839bff3a3f7", 0x1000}, {&(0x7f0000002340)="57c58dceea54ef3f657d7e7e2db0e09dc36b9e549e1bc583982f5f71606bdf943fe92147a293ca1436a02ac269398023555899d1105486ed42f9d0e108d1df964c91e83f69f339c06bfe4cd18413c0fce08a57b43de1659221550050ca81bf932c9677609886b094bdf3235215035a6b28db817b5e21578951a28be91ceb8339ee9c2373fc8b6520e0ebeca3bb1bcc24a78b3f375999e441ca7ad672fb5b30b9626198926c6fefff19baf3", 0xab}], 0x4, &(0x7f0000002440)=[{0xf0, 0x119, 0x1ff, "839649fe51bffb8d709ea50312844ebc0acf4081166e8776ed1497b739ef677ad650c0b9fdc838edfff1089810c515653f3e9a3035f7e783f57d1d98a189b3cd604e2ec07bcab5f2dd2ac1ca816b212ccda383cda2158059782659880e2ed666aa230a84886f13d058e3d38d48c70aed322bfa1fd7d17458a7e161dba421b47fe8ed8d2c96488a65b7573edfd593b7f65eeb0783ee6080f9354c2e08e36f2154bdd1523affa65feb4a81c082a254dc201e68e2dbbe27a429c3717f518c2a16b451da5c773a307146d86bd96d66daedc93adee85252dfdb8c6497a0"}, {0x108, 0x1, 0x6bc640ea, "3c1dc8828b797c8e30dabb00d1452ef8efd370cf70d45b5ce339ff398a9babf396c948507b6c0538d70bfe39342e4d830c2243942d379ad6578eb43679ff593a86cf1d41fa6217a14e4e4e0b3b03a71f8b8efcaeb7c7614a3dd64d3ba15f0f428357fb12ed1d62947b4a019505014e08bd373ab6fd92f90d834c62936ae34031ee2bdbc97c61d5cf3a86b3f0b6303bc054feb788f0580ea8233e03a5ea5b725d05bcac91955ada391ae2a0883e94472e879ce5780e53aa9955b3cf2f45250dc820a11e4749eda0d3eb8132d7c311fd40e89d86053b843b927ed4c16ffe11c57165044966c3ca4176bb13dc9b8f880a17e9c0605ba8d4bdab"}, {0x40, 0x105, 0xff, "62ee2ff5226ab897b0d9c3e6361e835aa3e07acc58b2994f2c68bc8f917583048c64f8ad72e7936b62651c26"}, {0xa0, 0x111, 0xfffffffc, "3828d051c07f9888637519233d92725bd8dd053e90931fb45f0b7438899caa7f086e9d9b3a8cfb7efcc871bbd1a43ac04081c8104a24a5d9b181c8a1f9dd7a9cc1919271edadc04abf04b99cc84d0562d11ae1d055c8a664ca30f7382590f4837c28a42f2cc8ec0e7d9d56984d435374fa8c6e50ef7b9e5d354463ba2868db5d6a3e307172f0521d50993b214e1c23"}, {0xc0, 0x10f, 0x10000, "98c4de6f09a2ea936ae11376e54e0f28b7668d9dac93e457b8a7d241a96b1a43b32f03e7aa2526f5406255c995f4129e32a9b2c69e286998a611fbd66e4a4eb6ac00485d695ef79c2344a7b9c0d836c4ffe3af3371c1f4562b2e0ee302ad1b41b5d209ea21c4dca83e8800c01dfbbe6b59d6d6a7156e14b534e861ec8e784599b77a352d42aa440ffe7bae5ba240d98803696358aa514e9d968b0efccaeed023ce9e0ba3744bdb2dbca6146cf6551e86"}, {0x90, 0x103, 0x7, "0ff05477f69e90f357023bdbd1731c5625e6e75f2c48988774de00bf7fd0c4babac59bc544fea1d524918e165a9bb1d44676b04b53a7f735736a71626b8d382ea92b081ae39249a49a7fb6c0c7efd08d5ffd722daef47fd34a9160c0d22553bedfcafed6a61ed1daa5914396ef56b4be637ed33fc5f47dce11a470e8b9"}], 0x428}}, {{&(0x7f0000002880)=@phonet={0x23, 0xe4, 0x9, 0xff}, 0x80, &(0x7f0000002dc0)=[{&(0x7f0000002900)="98817a342d6ff5dc0ce22dbefb5c71577db771a370d2bac791335749c6785db871e6e686b14de7c02748611cc6cf7c169c869e90b4dfd88103733c18f067748fdae4edc5f38307f6359a32b5462153555c1bfda8d7b90b2c270192015752c8d141859e0ed6b0f7540e5d353d98741674553b9414dca140a096159854ca911adc2365b2db19e11004af76", 0x8a}, {&(0x7f00000029c0)="d465d13531f4e66e5c1a0b50b539c16437ffd0450fe5d110de6ae6d57a20283113f4a0d4af0f2b03f5dd7be6eef3eb0cd47f5b96aafc50d1a298449933c4c8a324e6190fc7ce0d886402521cabee479b2d3f6b152e198cd0054045305cc1b318a3801ce5a96e0eaf182ae014191c8cdbe0680b54abb267a483ebab837163663d67d0b369088a1d1fc0d9d7ef82c77bce2414d8e41b630487c78a619ad3dcc363092b8cbc59910caca68d4916f0de552e650126c96325c6f94d86e97cd9e18666a71375d7374e4bbd8fa74c9dee5a0aec0a203604908dbf9d2ee5393b0b03401c98089bdb2ba762ea7fef7f54cf7b30fb03cded", 0xf3}, {&(0x7f0000002ac0)="022891d6290282a410996348951150a85c1f29df8cb30b181a1e7bd7cf358ddc45340cf2a61a4c80279187069ddbe88430ac3d9a11fa41717546b8146ca5b063e01ae20c5a8ad7436be1ab6573b399e6", 0x50}, {&(0x7f0000002b40)="beee697f1b23f5ebbd6e8eeec78d8c5928bd0de147b48c99ce1490a6bd2fe76cb6158ca60c0c06bf9ab68f4f1bd17a3d5159894021376f6d290da5d362732e9454790a80e3", 0x45}, {&(0x7f0000002bc0)="e6a3fefa684af0451498b6ba809e22edf5ee7d755ffaf4dd7c48c518a61c895886f99d60ca79c51bca54485232829dec9c", 0x31}, {&(0x7f0000002c00)="59091470ae4d9c96f898be5532acf6526c7cbbb26cb42ecbad56675e619dee7533fd9157f6766c9254cab87a517a81c1b158afd13f16c8b6eb41ff781a6a74e98c05e10013d99c3e9b9478", 0x4b}, {&(0x7f0000002c80)="79fe169ce0261f1426e6c15e3b72d034eb3336b4ff3f391aa7ac4ed77a5a58472379", 0x22}, {&(0x7f0000002cc0)="a492a86e2f7e09e95d2d69a739c53f815b83a270232b0dfdfb8788d86574ffb9324a6e6543c50ff75abdf29f82d536eaa764797346a3abeb8b6913237577ce0d51528c8facce3e20fa606f669f7a1ec757b837487d2b2e0cefc9c0b7a2243315c7d8edaccf4887b4fb4bf66acc08f1aff2973043a5021bcb61590a1d97022fff3422aca587ccbebf0a756ca30c6f7a92f0fbdf6d64de0d6306f8f13535b2fe8d001b31bf00fc35ff8e099bb4806f8b3c94895b36f5467c7a7b3646b9527abac41cb990494956b8d3e4060dd412cd5eff3c1b5607a60b19a6009ee3cd99b08652", 0xe0}], 0x8, &(0x7f0000002e40)}}, {{0x0, 0x0, &(0x7f0000003180)=[{&(0x7f0000002e80)="83ca5ac84ad32b8872bd0381f0ad695ba9d5c478f2d3e2e4797425abed6a7083f53472cadce1dacf24e777e95f7a0db74b7865f83bedd1578485251434c571469199d981c2932899befd797e5de48bcf2af2807cc70a42dc4d7ec6f36e3532f22945fca8a5240ca7624ccd012215f734670520ca7f9501d3b2430f8ce90dd971627c599d7a4679d3b6416dc8", 0x8c}, {&(0x7f0000002f40)="7169d9e4315a954ad8b0a4128b598eb59975e9b1dbc6e99bb649ae53b294d37e5ac005bbbedee9b7e34985208e9c4e7b8c139dc497a8e192e17926b2a2901166e63107961ccb60d0512d4016b7946869706ab4bc184c6f9840657ea9f066df115adda46d9e8c9379ca9164a83929a806438a21", 0x73}, {&(0x7f0000002fc0)="c4f600b58726ab1683586e387a1cc6440586973ca088b0d7580bcbf9984bf775842ad85ae5077a75a6e4c1fd77f524238cb319e6ec9d632b5ef22721bf62f2fd1deee43121c4c0a9acd464690b98f01da3b948ade5e43bdc98575c031526b630c64a7bf7f42b14cbe88f8b394cbef30286c89e50d17c4c0b0c72249d0f3fe50a01f0847522663b99e60961fa3be2cd9d3478c3411b8433d8e9983064095bb967443daf", 0xa3}, {&(0x7f0000003080)="b536451a1fad995e28a9d43aee43d95b21f1b4cedec927a436dca541701b91034cbca83d444ccb40e8cbbea86acf26f5fb2a450cb1dc9cd49e0d7a53688271e618d35fc9c27b874bbe474ca3bbec0b0676af25e986c680b0dc181e8374a9fec986478caffe34bf57e12430c41232758723e01612610aecfb8c52819a0ff37296ce2c52d34211b2eac6b23aa0e468a42e5d32488aebced18ac38223c8cf70ee93a97dd15f900bef5913785085d874e49f89c3e538582ec3d3e2c3492b2c06b066d4e846f30131c78e188912abc3ef1c9f197f3b6c85bfac179bd5dc56ec85c8bbdbc718c3bd9d03077ad2", 0xea}], 0x4, &(0x7f0000003900)=[{0x1010, 0x10b, 0x3, "bca560c6cd37c0bb99e11863b8c323e48523c3aa218a2d171658ea69374364a941034db57c9d3b11da7d36e8e835e4e9f124cbdd78f3b42a1dec599619a0c1a569ba2e44915eac3ceee8399db6768bc1ce2e345753030d94fc3fa788f83fac2c6312a7e303ed6a3fbd9a492d80aa8c823e8fc6d002cdfaca8d65d5c218c29cf85700c3b7123e39e517173447fc4468a008c6ec23d3c750092a2a3796c23ef6cdcb37354b7a06621294943d44a3688f3c701657fced5a331828bc518315e9b23a15fcd76f513b5f9b90b50d1b5470d24b8918e749e167cd8e613d2df411ec997dbe039cb4ea05a8f69715bf64fd6afdb5d03b2788f63dd9232be63aba40e57dfff60598c1c08a96ce5ce147d56f96a592c4da481a0e7a1ca4f6767a6fbfbbd8499ab5ea0d26197f592ce1417af47090239c448a1553cc6fb75de589a90d864523cefb25bc62ee161a65b7d362f814dca47306eea708d37a316fc6d1d2ce1b7fe77b36737107a426f74a3285c1a8a6d80a550ce7e2d146c6c561ae4e180c49d130b81b3407411d5ffd164a0d1307658edce023be6b22e1642fe0425c41f8d9e03c3f1641408b55383622fd8a01593ec6428c1284d8066711688843ba27ca69e840198935da719758fc9f6f49008149a9091b3a2d9c8183b0e7be70cb1f7c5e5cced7dc9a8159d4da645d8e900136239f8443713e3d9853a9d754ca5d4a4fcc3c8779535ff058672b6ccca8b89a4b4bd4d6126e551d99356e36571fc7802d9e59797587237447152b8279dfbc6e71f182666224c895d116361f73ab1cad00b41da8be7121e002d9942b9325fe4d67aa894c9ea1d77e326c8a4eb566c300fdf2e89949d4cdbbdec88f1313872a8a95f1ff040a3fe095fc35bc3c50359bbc040d4f1a0ea2c163800c57a1439897364ef133c25584f9adfbf5487dea70e027b4c80bf8970f6750cace1d53171ae013b7849bae6b736e944398ea3575c9868341056a295533f687c571a7cf03d1703ad156eb27cfe05a37a86b62e661743162c31e420009def23fdbba68c8fef3b8c863e5ff6594c4ff6e49a9de048e9524533f2df16abb79bcb943fb653e6c910e01b2de08ac9ed0504c4a8b7f53291e2bcd83fd85ead2eadda759f9d0feec653a1bf000e9e3925cd104dc14a38cc0a7d4ce5b0a6e416afed9b39b7a0ccd34320f1a17fd6aede3e5fa181ddcfdc011cddf3e33e4aa7f5236629708c83be62ffd3b3396a285ac7392eedc36fb6d858a8df7e9466e3b9abaf54d07ae7b8ee91e92af902d9530ec5e98b8152ff0c4b587cd42a4bd931402be7b415b9c1110ae35bed2d83b906d7eff85b66f2344ff8d1ae9ecae2e376b16e5dee4753969903567fb8b2e291910bf353c16c7ce8c37097d51ea7d84a387a44203e89b55076978306f8838c752fa2323c74a14213fea490a5b34b0a244223e7cd6048ac382df010218967e9105707d7d4052c3215564ee8127b8d96a9b1f2236d3abc1e4a3881fc2721fad172d06a02500875f2a09e08e6fb884b77a4dcec1bf2dde2ad9b778011b51a80bf1fa8fb2b2a93c720645526097927d5fe65385e34142d5537f4848c968ca682a8907babdeea854fccc77ff9205f77d69d1f01bfa34960636f1617ee76547fb68dac9d49dbf828b1e1de49b01943b40b0454a3dee5e7f79bbefc41b57da851aa94e47e0b3a395fa73c8265fc614f8bfcfcb2429b652cc419538b25812154473819f2e3b7555c673e0aaf6a6e16a03b78f3b78341e62f79f96d4262d7aa21488386eb765dd293bb0e3909d8554e810963c01d34a91328b1715e23e930163ea6fec353df38db2ea6b4823aeb755cb889cd783fc2ec5b173c81834c82467bff2628a2f56c2ee02900b532d4689ea94f4d4e3cc592d0f7f173f621a93d1df812780e89d79b36385be9b27d4b8bc079640a4e838e2654b2b6f62806e6c83bef2a6932f3eef0023b3928f20dfff9c71e89498eb270ef28da7cc4fadf69d76ebf840136e69bad3ae57069be34a94ee3e8f39165673490a3f9b9835279829b1d034a45558adaf3821d459979797ed842d25bac34d8df8c732e9062c033c030c8fc3502b557251d09c4941a87790a638e2a00d2eb9f0dbc8f66ba2cd225c39dfc5731a94e4256c6592b71a0dcf8698dcb448e4b845cc83b924586a974df4a04cba12bbe9d2cc6f524917e9fb3b59e2ccadea50999d23a054d86c965fa4b1b4e31f5056b7c5f193bc6401c73b97a46cd2a2b9aa6fe72db7fb05f1eb2b605b96bfb9591c2d9c35c77c51d7ca2c60a204dcdc3ab6d8232dbfb82f398a495fa9b4babe202dbe36eda960e38b7d3383d5d25a05e6ab7ffeca5d1136f75e5374c3671e5ee40742af192daf188d2f2b7ab7d72ce6a37cf88dbc377c92db3531749ac3960a8f3744075102fbbde8d80a3c6cea8a4963b1033bab33937a64aaac17e0e0b6edf78de44d5548b5b5db3e03f97a3b96128641b9fd468e4c0533507899d90e8e9e2a9c750982c5788778f7c0ea06f83b7300b3cada2f625bc31230d5fc93a1f0b73a638d078cac365db952de5f73546660b3d18bb5f6f625a516587e34eeb2f5e1f25ed139cc5f16a99ee0770a9a58954d2308e6f33e25b21e5ca15e10bdd2e774b641e2de9e93942441a2cebcfde0eba8caf0582f6f8059afdceedf0f9f350540c7a9a20d61204c6a19a4d26c0d610a8547bc0542321c6e11575395674cfa3a1af74836af558c4b14c702b281ba4c52b253b8ea0e09463d2f2fcd92450d89b7ae0d246595076f9a0151765d052c56ca2c4a34207deab64d272d4b5879a9f0a97deff7e1412bac56460cf3ca8b167c529e818f790b5b48d55d812aecfa97f1278e5399af22b7193ca30bce33c22ec84d1dd740f2e9538d041420ae1e5914b8c96f18550b788967842f1caac76de918cf1571feb11bff53df2064e5551a637fe32ab1df27fe06c7926fe7bed00fdb279596ee2118c2149455814b6b02d443791d0868b8ed0b5fa3b869386970e4a99a872f596f87af6158b7ed8fd8efc35d499bfd64b3c2259ec1ca7098d82a39f26ce3ef906147c6adb5f9b90179498420f1805adcfe81f7d6ee8170d893ea3ad41e9cf3c4672f636650913dfff3620d187a05abcf805520d5869815f95c2e3449ea66f264e6479254c09fd48c9ad506b9e715eb5a096a0e264b99d9a560ce2d4b03f58f286ef5ab9e3de34da560688ef335db36a6c33f92390b60628dada4a3d1c3d7ca0b4b276c5a34ac17d83c42ce86c4d2dd551c4843ec4f4bedec2bea8a449e012c211b91b7ab1ce1e8dac9c1a84da005c6a3554b0663b509ba5e67dfd056f9926a6b6adc6d8c52ccc6bf5f57a91e69c5bf32642a9a878c1cce780c5609cd7eed1ebc32921c6eba67ca9a0e6604869951c192e677145b98b571406d386317c4aa4ecfef68b81bc466e0c9160c18ebe74ed64e629a1325c35e98997883e4ddb53fa463c2f2c01c890cdd1237a3a80cbb935335a745cef7fb75d3e0ceb060ee0322d09b28afc4a02e357504d96bcd6a4f2a2d9c07f4a8b3a12ab9795f07e368c46c5ca75f4b9d2a955cf02c3bc81a27861eecd85e1d4b38ea51aa5057e122da45e72eef91d248d9773a902f1ff2b22c8971e5ee70e02edbf535fd8d35426f2551f11c11759a32fa3976783844a4937aed1cf023025dbd640163eedca554d7249f3f87561c61a64f38138ae44a6176c27d87e5031b8d9487c8f5d894f32186716b879dff244e7d288ba03c7c96666ac196ee0573c7aa1b83f2ea8475627b501d56afc2bf430276683ab8195796889be3fbef5c2ef6ed6f7fae334d9e9926e73f817d3df76624aea87a45aa039c4dc65efbbea75c50ce5164d5f34546821c4d4294eaecc3bd56a726afe804abcf910daa890086835d4d4d866b9ecd4d2e135d3a4e3fba8ee4cda15eac5a2c33c2e427d4e91e485b2956228bac06358317759c39c47ae35308c2849bca27519eb265f99de0f0b7af44b1a7cf718c34ec5e543c9c927bd6cb360335ee7bc9c297633cfc563a3c4b267c83c17e94131bd80772ef976f7d455f19aefcfa474f084e4433470d00d6e64b95af9bb1af9ba03789ee33399a4793312a87e8c833e0ce15d6c1a84a4449ddba48683acd73798d676621aa09c2c20f21057f553865dac44d360ac8f0231c53180b4a652c71f516813667df9575655ac70a647ac14c74f3acf64344510440b0a12201ab3bc548beb759a51a454c197ad9ee6c3d0ccba08d53ac87a2e793567dd33ad2b23fdc202872e433a9d255d8d076ec166911ed4b68e45a46ff4588248d1d29f8f265bc44f4a4b6a7c1dd138d820b4dea73ab988a186c27bf8257cd17b08b99d7ba7f109d07204e1353fdbfb08cdf5e0952d504e7900e572bbf8bc6c017ddbfdfb6d6193543219e46a4c0c397e4ab7119ae57da853f56a1229a76b65c56a47c64e6e64cf2a06030670d8df42ec6771dde8913ec3fcbbf2a3b1bbcab7f3603125963ddfe306e045746e7f93b615b53547b637443ecb2d10cfa9c9725b3e6127ec2e3579c53b769a20e2f6830aa72707ab1999d3ffcd961e2ad295c1c5b6875549feb43b72408e6ce7cb5b0d9a240d5efa02937dc01c5541dc466b033518d42840af02ff64f15f0cefca4f8975615c0d5b13aedf7f677bffb8016a4c1b106c7645b9617453be9010a428680c3c51cf341d7a06daa674890f27d05bc9cbae9d2da9f4e499eddd09b8874011642bada6de141fe6a681549d7b15bbddcfe4634ea2cac8fbe74d234bf21b5650dca814ffbaa613d623145680505c61a8ddf0cf30e0294a55b5d100856cc3d5c5ef099b05f670100b10e9e9052c52a04ed7dabdd0a29c4adfba0202c291466d7ad38814b6c074748dea7c0c7d141539d21358787d7d715f9f7875fc5b943fc920c156a12ffc07abc2aa7a5a2fb9cea1b2f3f16f5081f16634939df34634f16e7c3a4af8c93fd3c671f238639dfa876c6f9f9b75c883d296d9db169692c76c7cd2973427392c1da42560abb9d4bfb97edc715ea6f200b3addabe20e77ae26da158b0a1b78102bde1de28c38e7e0454e938bc073673ff4ed1265b6681fa2360cc251d61694d73f17ab19e92c307d232b5c956cbf8e143f9480db8b91872d0a5b2e12b5cebc200096bd7c09ddb78e0620faee32579e78f39dc7faa725ea1eadc7a42e1b611741f8753f3de5767c30154f952975a0244a372180104e16bede661927c49e0a8b3c137c9ab2e2312e8355d3f19e6e4f5e0b4cbd1e6113eae26617e61360b91932f9f1866cd37cc6b666dcde7248686c0f8f64a761091d4705d262aa77105e058e13e7a9294f88049f5e9e6ad39243dbb39eec601a664f918a91268f6f025a540ab003a19eb18a633b7526135ff2dc5954f155a431dfaac1253f5a2a001e72885aead2a5d81ca8bc705a5b4f3731e67391cdb01721d407951fb65cfafe6d2d014856e01e24ee677bbd3c669dbdf5a3635919e22f46a269fe1cfe7ac824f3eb828063c67a8178d1035083ad20ffefc4bb95207c96ae03b7f3dfc1d08ca0bdb34f4ae050940a7162efb6dd9cb28440e90433f1e046bfde1ab61205a41766d8e3500e068b358ce82698ee6f3a23f6250ad2f4b7e8a33a0f8417f05039bbe0bc20be4b096c89204fa77bf0e82d3274f26cad27348d96e1cae3851d83a4383c62e119cb769065586fa7ad9acbfc6798f5bc3b10b7d894a4ca70b42db3c576180b148e48bae6343fc1271763cce4c3b1a58ae22be1c6fd9925114f1d7e72b91f755def59156c12cfd8844cbc"}], 0x1010}}], 0x5, 0x1) sendmmsg(r0, &(0x7f0000003880)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000004c0)="664bbd2dfde1e61e628ae2c68ee0b951cf294677fa8e8dddc9291b0d0af7e43fe49b0be6028b6812115533740c15707f5f9c49d01a41e7739765abbbd6edbc80c7f5eb370d43c847e809ce834ffe9c931899a7def72ed05de8ffb95022a898f2f6021bf32652951d1f0119eb9668f948ede709c0f598c0200300f0c9f1336a5a68b251a82ef41bea859e86569309e9851e9e23dd37e197d122ebedf8abb8efe326c2f703587ef620da0983e82844e3222ddbed0a393bd7472afcf9723aed8849f72551f4417c284354", 0xc9}, {&(0x7f0000000340)="0a7e830c4b2dfd", 0x7}], 0x2, 0x0, 0x1e}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000180)="00fb17513ea1cab479f8ed3fdf5eb705d1f4f2a381482e9f6689fa9a080993269cc415386163bb5767025d6c0da3c609961deb55f9baa0ea3d8d0d0996b70a89b056a3000b932d12a64f4ad874f782032a417867f661097d7da3aed94f434672534cbaf78ce12040cf8e928de9db4f3f785f7e22725c78cdb25030da66ff32570f24cac912410150770eee96deac237c17af2f1bced99729e961a9d53999eda90d5f22360a1ffed79c72747354b5f67fa402b41890fd680c6764d5f26b", 0xbd}], 0x1}}], 0x2, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='dctcp\x00', 0x6) [ 111.728320][T10061] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 111.736729][T10061] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 111.744683][T10061] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 111.752635][T10061] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 111.760590][T10061] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 111.768623][T10061] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 111.802134][T10083] EXT4-fs warning (device sda1): ext4_group_extend:1822: will only finish group (524288 blocks, 256 new) [ 111.823194][T10061] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: none. [ 111.824122][T10083] EXT4-fs warning (device sda1): ext4_group_extend:1827: can't read last block, resize aborted [ 111.969550][ T1040] loop0: p1 p2 p3 p4 [ 111.991621][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 111.997613][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 112.005465][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 112.013329][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:44 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000", 0x1c}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:44 executing program 4: syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(r0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000480)) 00:39:44 executing program 2 (fault-call:0 fault-nth:55): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:44 executing program 0: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x58c5d59eacbb39c3, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x44800}, 0x4000001) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2020}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x1e, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0x20000040) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_KEY(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x300, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20040011) sendmsg$NL80211_CMD_LEAVE_MESH(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048090}, 0x4000) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001600)={&(0x7f00000004c0)={0x1124, 0x0, 0x8, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x800, 0x74}}}}, [@NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0xff}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x3}, @NL80211_ATTR_MGMT_SUBTYPE={0x5}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x1004, 0xac, "5f487e8010460b0c2a6ebb2a12e7c2d3e62cc1cc8c03689289d557b6d5607bd5d12b41a9a78b5ec51232eeb64b7270c312c0d0efcabbb0a8a418ebcc090e77c44d7bea55fff5444c025ee7de5af98960bb65ef330ba491b72cb383630ab835428edf7ab7034b8b7fa74d1673af163052734361ac23f829301c1b1660a13ae6c4d1411fb822452d7b125049c2f07a29a1903ae9546985437e3967554170475e78e530f729f80f8b537b4c4b0a364d8c9152cd2221663fbad947a39b9ecb753279a8035bebfbd86a5034106741df16051a89d12324a2ca4e3fb87a60162f56c6da2f0140bc17c00c4f57e0bf089126581e0661fc397316400496be8244cea7da398dd946e5c0da310abeab232d2ae2ebb5951d8d43590ec60956402be2b2d26073540992e15d13c5668cd339023dfa85d194588e4dd4d83250f5383c938acc6622574845d8a5322e089a460445d9de867b6a0b420cf647cccbd3fe2f379b0c591280feacd7a93ebe050fcffbb43ed5046f474b1012e52cb43658c4d4875b55e99d50a0c5cf2952e9e2866ed67d69bb1a5ba60bc9c2ccac13d1bb249e6e8dcf7b417fa282994496b6997ff6d979043052843a1cb4609cc08b3468f60de30c62e06368d5ad1b1a803d6b2005fe4cfe8940f31378cf1d6f00a4e6bcce16e8187d2b56e88749c18168010e2d4fff439fa6142e396da67ac5dca5ee98a8fae3b6d9956321bb024c48f811bce229498fd3c4aa188bda53588850845485e43f946f7a27e25e68151ac8d4af2a589bf219dbf31948c6a40a21565fc6ae0c768d967b7398c496bea5d1d65a1bbe32616b4b2ae0604eb3a959b3caa43369a6b1edef9547e2e5c4e88c53530254f73a8e29411f5de03f3f42cb38db12d047db6785d014baabd59b88f5b89d44f2c668467a20facc19fc5e2190908bdafb8dfb713bdf8be08068d79160c9b811f8162fa202f868162f37a76ed58d3dd64de24d0359e3313a72e164b5d4b8ab284032827e69bdfa3cb554a6ca81d01443b1598737659f87e44d11343330f1639d7bb63606910663411fbb90d1dbb246c5e73a758390708afd1ff95f30969f8a5130203ae3b23130436be73143dd688b02d1585f7dc81405053e531be7c64f31f2a0b864ec251eab7594b0b3818db8e5171468a5b8b22170a1cd4849066121e263ae1d8fcc7f1ebdd3919e2593f718e8175eb17db5a53af20419ee27fa8f198efcaff114cade18d281fc7702512ce562190caa386570dc1480d13549d124294ca0785c1b1569c2cb9a8b3f2e2ad6ca90cf95e8fea5da04ed60ef7044a3f935c2bae395d400b614bd115cea73199e571185dccb155eda9e05c228b03653457ecbfbdc5db148b798b836a9b92c74c7b9e5605e98f75706c513e3d905f46c99ab23fe2637c85db4ce5ba240f41cfef6fc9d766e36dbd4751ed5de839e5d126b2048fc5e66314efd95a0dd825a16149133601586991648c7bf9310a6d4bdde5ff7e9c96ef25d5ecac69d45f952cbeb05354fd5d85d877ad43e9cd6cb7c38fd430f20e62542b7a4fc51c884d007b5f08127fe875147c58ab036f85336b25a28df4010f9d341dbc64579ff9d1da5c97a52176a135034d6545f4e92f9645be0186cf4ba114465452a7f4ccf2dc897da53f27a88124f85d3a8ace435635f22fed3fbac24ac8dc8496af004e44eaea31a9d57c4daf5238a46c1ef4c5ca0f720d3006cf15a657c165a3ea0fafce60168f3018b20909c43b7c43718cc52630b4542222c65fed726c7df717700912cdf382684fc25861f8b22a8033d3fafdc0a17867dc7ae0d968d9dd9decdde3405162b0c33a0a9f696dfab698a322ecf13bee60feacd3d5ba04809178005c1fb48654d9e3eaf743b9a22f629c3fe51abeb572d85fcdd68d3ca8b0f6418813880bb925c4e13af89d408219ac54715864fe87e30384c900b792ea78b2a78bbe079633b67f537916a42e25233bea4da4b7f3ef0388c8fc983090bcbb520fc730ac326aa18dd6ed1510bce79e91df84cefee9d76129e3c74d4de372fde5252c669b8c70285b5f5ebe4c4835e0b7defa4e309fe3cd69da9b7e6c089e7385525d9c2cd5918fa7200e5cf0b660fb57cca1ab47acd1b4a39172ad7c109f95fcc2df9e366dea3396f18ecbd3493bf256db9766461809d24dc20b9bedf69b45f225f18fb510bc67e3124d4d934ea61a2fcb47cd2a05db54c7e52b16ca4d3f391f32122ea6479cdeb5bd7a4b29dba393f611e4518a5d54d59b938ead37261d1eb54de9259f3ebdf732b7cf87bdf410167e4d9365616045aef6fb933f886326e52e9c3ddb664d2429444c980f021ffc8bed3f1374ef12037f846552f7a34b1d4af92896a78907890bc2491c51958e1685330f53a0fe08fa2e215207df2383011308e1a491474bea42c032063735b2f7ef4680288bebcef7a5dad9435fcde97c439d1c368a48026a30551efc121f911bdbd8cb4746bbb31b4f912def4a0e04fcc55e0fb17eae24365f69e2b92b3e9108fcc0778122f47c500a10d6bc51169c25b098f5ebd5bb31023b7c133e494b403f4fb2011ac749b482c9a7e9e152f3eb101bbe19caf79b8a2c5a84e0a734209e88bb7c80ced744e70bf0f0d883ca289c38118b1d91ed745840d73ddb55d71f2fd837aee911d4235fe0365f0f32a06116cdfdb45b1b86b5b2d2f67230f622a8e66ded8dc1bf1adc922b9527e1107db906a09df3ed9b33297566dd637f5c96a1456a7fe7390db1663e8a616b801f999e3e4f1cd6cb12dbbcb72ecf1f6c4a952fa59cbd778a3a099fdf2eedc79932cdca203bba86d23e30222f75670953eff78de30cb83deac0ee8e2715f2f951b72ca2cc5c7deb9ffbe3892664a9167e330006f5939e94d2ceb058758560432130070ea19efe21fcee2caf74a4ab597f84f8994c7cdd9f83441c759efe6c1617819a51e9b3b4921fad379cdb4429e9a646d21964e667d86fb502946d4edfec078e2354c024757e5c2f05453f1a92e27f945703649e9efd2283e7f57e2a9e99397733cdba75ca6da078d6e4dfc7c348ac5cc5ef1720fdb90c28459c91179aebad47c07fd81f7d2f9ff065626970d142923c3a495caaa6afd84f25807e4af260e21c93ccce642fbdc05eacf02435bd192b17cd8dae54bd5a7a30844bf25625baa29bc308569abb59a5659046c3f8633a6f9834edc6ac28f9aa472d4235af09dc5c4b93329b3e05d0d49249f60732d83c05b34cbac9518f7d3f40f9fc835495fb1e5d66831808ac70397415fc32b85592495865ba0680d58e4a88d9fb971a7f849ccf52d2159019e9c61d9c2edfcf537b0229a13b6dc59c7fd95658fab82ad547d8f044d7062a346799de5326dacca8b2a522ccc45dbce4fd0f7f138195393b69aec0baf339152794d9083f18f7b9a6b1d782c273fcfa37db7867c29b67a97fad3a0f50b0ff22ef0773f3b3cfb8fbac7b82d1785f08839bfdee77454c6e5a61a9c66c54d6817e25c431c5b37dd15588ddc6b92bb395061308dfa4720cd05a94cc5bdb88d45b9c091865f0e6471ee8c856b0d544b96634288d08b03232725920545add414b8e64a01684ed7092a913027938f2fce8ad1b253eee85f88870689e685baf417af9d6284a901afda12b42640235b37d0c2fd57036aa4313e51b208feec5172285f5b117a7cc7abaf9610e13c374945d45eecdddf4bab49bb344d2c8b5223edc7d87dba13c7bccdf8f6f5131438ad9074a7a94cf17264a26d8ac3b0fd9e2ac316e535bdee1db3c2e98264082aafea75a077006b4bad8e57dde0763cfce4371d4ac37b18c4778b004addf918325e40c18b597670b4ebc7698211e88d7a409a63638737e01e81cf3bc7467014ce14e2d7fb965106b484819cb31a86feec244fa86d6396f63b381b68951d493a3312921ca9ff549550530ab8d875eb9c475ae81452cd8d353c87d6e22aba3539bb2808516ade635048855ba6dfeedab73e485ccbfcb5cccd8e58d8b761cbe2d81c970192cffdfb720927b1456f007510d16ae08bbc396eb2f259c4a99d7ed7e6aef76f9f4f9322eaab1fee9cce0a87aea601f07c6f873e4aea286f4aaa2e62d1ede686ee995cf0758d07d65c962d4054c5f90f16c1f432705089b4c36699101cd5922586637ef38da296ab527c5a295d52f7a41896f9789f08ac875144dad6aded1f7e4ad4261c43165add1babcc8a4e95c2628e31edfdbce951d1fad62edc74b8cd6c66a93f5687b1167307551ad927aebb20910a8de9ca534407722b2fb4f11c645077e83d0614aec1b4441f0fb4440dd3079d2c9b2e440c908f47b36730b35574726d05da074d1423fc2ba80f6150d622ed56b981c0bf9464e19284f4466793aadb17044d16fd5b88a0f88466742f9eda4f8ed788bd8cf9693615b75e8dfb7cdebe2c211f7cf6827e5ce8d1c210dd2b5ccc845835dd2353f9f6f8c75f3aae413531be06403a9139d288f8d1b0b84856a7db9e9e36bf751e8fb7b16f4a5480782031dfd9be4c35dbf5baf21419a10e0926054de6be8f6e096a425be98c3b66949b3c787683d758eab3f64285920661ff100c452251e02f0ad328d512a1e09f874352d736db3aee2f4df43f859adfd913e290834cdefc45a564d85c89ba2204d69931c0080af83478e29be553a26bb0d553829b3b6356ca8b39c1fe221827e7a24e9493f6a20be230d4f911599cf5aaf4efd8d5f53dbb25cee45ec37118242f64b8f9e9ed0b887543160094ad0bf3338ce352497a9b43523576f13515cea1a84130f7f88e2c1e0ee003210e8ba2fad45664f310f9af55b87e596086a206fbcb0534ad3662bb8625a9aea0d5e6a11779f79d002e74d30ec8e91189e9c3b489d5e0573aaa9b99a9c89cd0d427b2e45b25ea59aced1947713e8ea09e5771ecff500678c555e108a93b8df8061065703ae1688517ab00b4cec1815afda071e763f34786ffa5a212c76e37e130be0352f6a599965913cb684c8a77e4115bd895b6b46c3869f3023f6c9fdc50b755b6b31775fb7bb1c8ba81aa01e0ff33e0bf294f58cf549d56c157a66d2569556dcbad67bca905ddc681f45ff53401ced0403511ad77615681144bc46d3c42ebb4dd4b40d3eb854a0377d6d5dbba4b892cc361fc0f97dd5b3a8781aff213eabb1144ca12af7b49cd2494bc702a9e704bd575bb554f49c8d2f8eb00fc6adb7a8508960456d2eef38a67b8237b1b8a8b4124ca2d09ab24d2b5057b8ad06951890a0e5038e327b02fe612335926a231d3e68b853fe0d704a885cd0d953ef4bceb886f1a81c92aacd3fd1e8abe2cfc3584f1cd70a01e7c179a441eec3a4507930952ce50292fb99b23259ddc6188e5fdef939f0957d26fc6ca7532d2189e287f32d7267479a4bfda71864fb292ae75091eaca0e1f21aac1038f4274c91da94b4d741b873c58a4f69dc9abfa8a187b1404d3f670fab4deefffbdc13a1bbe28f422840536a1f0e249008e4a25f119069d2159f756e004f176c1c45530e700a4ebe5530dcce2f12d2621a78969edd4b3b2cd5e8dd2a6cb1b5fd10dcc4c7a09fa0ff9882a4726b664a3f219dc736a626cb4e3a3ef621ba34bb8be7dd78734098be318b20ee30bd60958f761c2fa1bfdc06e043bf20ddf1e02557a728743e516807a553e2712e7f14363cf8b97e7d624ebc4d1d712b76164dcf5f5a0a5fd911e3d5abd659d76f871a151918c9b8f1fb032f191df21683daff0f11d5cdc137852a25b6d2164584647dbdc872b78f7a43572cc81e89481274caab38a0c767575bcd3b6e102e11111cd48332"}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}, @NL80211_ATTR_STA_EXT_CAPABILITY={0xbd, 0xac, "d2d668813cd26f10bf93710b42b90650e684590fa87ced455a74538319e920d47a5cf9fbe6e2cbb06cba896a562986754b921de4ffd5b871eb4df136ef061e88e226007039ee444a70a48143b48b91295bbadad65db82695d3a2ce68c2da8318deab96a2b213fa13630d39ef1c41618e1f40d5eb544e481c520abab7e3502ccdf872eab1a3b150b2f0f09b5504ebefa05c6f25cbbd31ae7c0777f129582d84cf5dfe0ef1a47f79cc2a37d225072fcce83bc2e9c2c283552c6d"}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x8, 0x13, [{0x5}, {0x1b}, {0x6, 0x1}, {0x1}]}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x1}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x101}]}, 0x1124}, 0x1, 0x0, 0x0, 0x8080}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000016c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000001780)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001740)={&(0x7f0000001700)={0x1c, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c0e0}, 0x60000040) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_START(r5, &(0x7f0000001880)={&(0x7f00000017c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001840)={&(0x7f0000001800)={0x14, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4050}, 0x40) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001900), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r6, &(0x7f00000019c0)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001980)={&(0x7f0000001940)={0x34, r7, 0x120, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x40000) r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001a40), r5) sendmsg$IEEE802154_LLSEC_LIST_DEV(r1, &(0x7f0000001b00)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x20008}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a80)={0x14, r8, 0x400, 0x70bd2d, 0x25dfdbfc, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20044046}, 0x4000090) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000001b80)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r6, &(0x7f0000001c40)={&(0x7f0000001b40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001c00)={&(0x7f0000001bc0)={0x1c, r7, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x4000) 00:39:44 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x74, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x10, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6}]}]}]}, 0x74}}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$TIPC_NL_NET_GET(r1, &(0x7f00000021c0)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000002180)={&(0x7f0000000f80)={0x11f8, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'veth0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x3, @empty}}}}]}, @TIPC_NLA_SOCK={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x74628ddc}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x74}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x200}]}, @TIPC_NLA_NODE={0x1058, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x1004, 0x3, "913d495f675348975d4d24881235b75a8fa328862bef69ea937fa1b8eec0252d0483fdaf5f1ec6f07e4edbb56ef4372b7d115d66121fd00e567a872e9c8c5346f3c2be6d447296208ffbc319e06bc9e093df5a061797591abb5156e559a1daa6b648ba30f23f50cc4437dccf61103f27aab84073de172157b79626b39412345cc7f7c3f5594ad72c6f0565581e239e58a6ecb818f2c05f0e7a584ed5b6f3bd003aff097004cd77907adabf7ca93f18ab8e55d287acfc085be7850ca655099c0cb3ad23f13bb22db058dc7a1032a1189eade5a7b5e0e89946e9d8ff678b48f91696fff6ac745d7f902f48e14d4c6b933d6d0161f58b350b810042fe8a1d412d18358635a3be0c13f2e146869634ad316a2d73ca551bbab52f377808e2a2fa9184dfd38ffa1f35936ce0033252576fdeab4e2467e63e3828c12d9bbfbd4bc7fb81a4cfde90ec7f5aeef2326109c78aeacdef9e563dfa53b63b7cd7a3c1c75bb0279a26d0a06f1a5f76e79324f0a64c8a6108db8a1eff6f082cf04c275739d9f1a69c1b847baf4cb50b5360a6b9be23ba25e0bb56236da244995a04ea2b3f109a24a344a46f49a51a153691e9b6268465f9589966a2b12e816b78fc5121cff7ac3ca6a1f038bd9f87f12990f5e51062a23b6763ffb37736e913d166127a98250bca5349b673454538598c161863cbc2b397c6a99742ef36d3e42089db3a69beae035fb62f1e65345c985b730ede618dbd60006c7a525afabd1f34d7103416943cd3d2af92d9d620c6f53b92134b5ca2c7f12cbd37a50fcdad9599e6c1affa30f272b0b91b4292e93212b9726f324285d708d02f53bf2fdf41478af7b675d4046d7c0b39febd9142eb1488a15fb6f77fb540cbc2adfb8fd805f2f5894b13b0cb7a8ee5058bea3dc55f877acb01954b70056eb8f981979b805a0c85db8e4345116aaee89f299b9603c3d4941d1eca9609f12d04fd4abc07a2bfd6668c774357012b1b4213c959e102fac6a355cbb3320f1f56f4e714ce4fdef63f8750438af744bf69332a5958fd4e62591837be309e377eb1b60c61a934a454b2b2dbebce5788c3ee96cf199b1066c64dbfdf05847982693d59323ddc1a6e90441e671963e7fe9a700e245db50587ab15fbafe743d62e32e9b9796473c16f66b0ce3bf99f9355b85df12269ac038e5ddcde7a330d1b8e6e607411aea6789e6b3254b8fd8c74709e0d8f05d311cc42d1238e118deb22066e9af0d58f19774772238c908402b0890395145abdcd302245e5f628dba3828f77c9b34debc92265878d223a894c5d47f2aa3d96896d17f66e4d3fe7e455ce2fdf5a4d3fdc23ef4d3f3fab38dee62547308b54d49ebad76619a6698a7d1d90e16333f6cd31c9c9ea2eea12caac048c23b5bb717962c31b05ea4aa02e0902aeb16aa025894ec6fb42e7bc5d0362fe41385b21f65b7bab4e4eb98b449b911253bc821c88fd71cbc992d13f491001d47c25be10de496afa7ba25fbad4144c29c6893902d40ed7d4ebee9b7c7b0e2a8069e1f986336fedaab9fac9f3c6e69ec46246ed7e07886558e2d6727d65b9b49dccca91ce16a33014dbd437c6a562965e1a31d09e7909572d0b896106fa9f46a37f5fd9414a82af653a3e3cadb5a0dbe0a4787b2f524b00cc9addb8deccb7d7d6d475022783ce907eb3547740ff926ccbd2354fc2d99156b94d583df944f65cb95a3baceb934bfd6d66da61c7e00beed665db87fb4d02cf2e93dc590f30b49d2de80a70483981b76f8f2971a8b61360f87591916db5f310fe44761170252e714e141860533f4f24e5cabe167cd97bcef90732665f1f4018824e0d252017bbdee9147ed7c52f525653cdc458759414c333e39c7cb3f7f318bad972e1e70a189e446e85f36c2c2d67d5224e48b4b3393fc8b7e793af929518224e0ead7bceb2b5f54d2535834e202376bfa923315d6b3e2d1f3607ea0153804a826b18562dbfc67d5cb5a2dfc2d6bf5cb5b79e5db6e2e21cd2b24992bbaef671d5a0ee0be8af3f6f365dd66c52bbf7035af7ba965900c5f26442d576383175081d1e87ccf8fc1fe13c7042dfc8ada322fb1f7bcb0ad2e17fbfc8d59cc0226475b4d8fdee58640d9f5f68709c560bcf0051d9c24f370b5820bd5fd42496254bd9d516b694e23f60be3f673bcf043f6128f4b2c350570a843f7ef373ad921b73143209fec2b4b862f44138bdba33befbefe967b48eaa94d96ecb77b2ce92611b1f3efcaf6a4041194f569958ee2c5ab733bfc3bc8215131a4df6d92519f67bf462170a0aa5b7163780011209890b0e4166710899f21660c409b1d041bd81c0ecec0891e86c425e3fbb53dd46e6346b4efbece225ec6a7ae88c0796b776ed9aabaa4b5033196ce0634bfecc387d01a959b06b9e93b4f28773a1b623dcddf4b814dad9cd751f4f0d9e91bcf511eb1a694650dd55e42d2e8f5b3a130c0ebbe91fdaafab5d25766b517660de980a201f70889eb3f186b28e3445b217da98c2e756d76add09b88e070ee12c96bf8657f326a3fe2d4d57b6274f0b32f48f2a15615af8ae8032ab0747b4c3df7b2ade06f89088d9ee94d0dfcda38ec7cfc9340bbc03ec8ecc4277e44348c2c1793cc0eb5049d0aa48afa4657ea03a8ee1e8060de13d58fba9d134e2b187612e66562c64681b60be212e86e421850f3fb3677228ca23918f749628b0adf54ad9878995710fd714bab161067d8105922357d0903dd94d25276ececa300509be5711fb02e4a4546fcef99305e753aba81a32917ccb121acba8be19196266a77dc1c6eba72afe182ed383fcffd38a8e3bbdc7c4e0123f9ab3c9bcf6ab12ecf50db7efb5ecd192a87c8f664abadc594d6d4913282bc5cf15e15d3fa2fc6e62cda37b0fed46ea7edf59326197a0118ecd01456f6b36bf89682fc11db51950b3463047a3366ff2c2047df3cdfcfeb6da283383a850c69f295c053db2eb832944db42ee3040658a168c033e688e92aef09b6980214d6156109c23a5c1ff4387a4de5f7af61db80a4c43654cad6d228bec35c7e022d903bf7fdc2f93c81ff03a9d837a51777022a5e7c5137af72824d34586641650395827d22bf752b660cb46bf9a55e9bcb0bebd989081e5eb2b50e0431f56b4303714f95f99b787d80339bcfd8a2caa2d3c1a87da53803cb0570b30c22bb02f9108a928ebea0537646c694231ca498f9b0eaa157e8e969face2e3168cd581144da62bd96b3e53c8e0996327bcbc996b154ba52d6e28c64dfbd257eff6d56f599febca3ba293ba3200d7b7f01f2d5fbe3b80575028d0b90c1702e247df0e804354b1f258129db32950f37269075089121cb271e60fb2fbb82f399e125d898d5ac8c8034ce0eef6e148201d9abdd1c7ff40a8a5547cb49b51f218b56bd7af10530920331a6544f1e67f5975693fb015420a01e0fb4f08b51d2899ffbede2b4b491aac7bdfa8d354dfbd6e0d671c0848dd531024a871a3d53f015bc549e7f92937d2c3bea0fbf08b2ab61f0e0167a54ebc0a5d9b7d14c057d8b55ee85b420dcadf119f64e5ab6be3f4d2d908b9250d0438b82679b800ffa4b6986aeaeb48c3eea15f2c4c8362a3b5046e7612e8204b2c9310508ad02edb0c4c5ce580b6d365d7ccfd9117b74739d084661535be96739735454616c853d1663d2fffaa427e5bea26821c9397ebdc997602c214ce3decc570f9408384008f2d19730bcfccb675999c3a477740fbf00f3a5a2ca801df00059c480fb3822c3a205878e831ac67bf17376a76672ebdab75b8060b6868b107f6b48a7812f51ee338bfe27d0f4f917333bd93d1a00a5854466809abc24399211a7b8a7f36926bab11bc6e4f1dfd038589692bb46635449448963f45e26a2846731f558ace0ae4603d3998d8abfa372f8570960d1c1b59435420f8a69985debc5e425033454baabfe5db1df6ac4e4089235571114d4be3f7515a1664b0a9859eadab511eeae414e489a130be56560776ff5dca2549ea69e562e44f95a27e41ff0f05081719f10bc77580db7245f8e947a2283dee6f01b35909cbaa9941dc0cc7ea86352d321125817c4558e5d9a1a3be011316251aeec353570db3d7328c8850e1aee7e074e668c23d0b0db11b9ed64f5aa488124a5615e66d203030d851d9c67d53b7c2c790fe77b78cbae8534776324b4a657cd12593d20c88b355e6179f1a864f6f04b7b0bc530d75a1a8bd1fcd277be2438ecb1780628c59dc8be9dacfca84c912d009e3e9dfe53baff4b0ba1a399a7d3f88a5334fd647bc920d41eaab4c72907276096c240f617cb9f76478b12a0678eecc13ee1fff9ea2492a5ec8578967766596b9bfeeb93753b6dcae97a2afd57f6e0fbfe5d49f0e3fc03ec0befb563309ba66a25dabc1bd184338f0e58b0bdf21a56dfdc45cefbc4759e42b6a05ee7f5b4eb7a76f00570fa23694848aa0fa6949b381b095b5db86eabc6acdf9ecd0521164a0f548c9cfa0b3f3348d05f15f1cde40ff98bc1f3846a420426fb2116d84a0eb9edb9e277c249d20da7257acc3ed00704b59b26d98edba4fcfb690343ca2448be901d2b4c0ec809483219d8d39b6c097e744b3a1cc8e67a149a99d20d3c4c3f2f710f851a1bb05420e375099e701ef407affc78e5e98ec47175c62c111ed24f6527dc3168795293aa25cd35edf0a0561128061c06b786a287b3bfe99cba591f7245e7e9a31bc0df26628614ee0f2922bcccbfe53375076989946d7de16ce2a0a3d1aa34512d9a7176b39f7ed81c7ca17d682fca1ffe1b6beddbdcfa2e94e2f55eab9a78342cad93e06326cf42943f16c9c038b6652b22607e73d0a284da6ba679d65c5793e7cb6a912c0d570ec2d1d36ad8b5e2d2cb4f04996b2cf05006524f659f1a48495b92216663b59f9b496c28e5aa08ff73148ce3662b77f1f964a222da25c7f33e9de46a028715a4f3550b86aa5d7c4260ccea057c60faaed6ee89ea10ccdac75dfd89b19bce780ec7a784cd63c4d26dfbec2eb361b5f1017173ab9b1080afe3f46eb52d49b5fd3940d5b53a1c77811962310497f20bafbede42f790a18c33db5cde01a13e69b092614aee91fc33bdfe1268b9998db41f82cd2aa056335afb5de3973ff6a4953611078930eb2af7069798ccf6cb45956e444601139402043a70c027c9bae23556ef9a9613cfc68d8d8a722e414049ccf89f55ba0a988265bf2449ea56802b67fe0b9fdcc14ca26823a65887e3df569d1bc2ba4f6e784d90b3620eb44f8283a7c3ddbe5220a92f31e4d9340dd130642d04048790fe47a36c9a0e606d37e62bbec577a88e0fda3de37115abad39ab06e225e2ba246b4595feda194c6c0c2d4e5cc010a0a4c289e39c8ede5bb83f8de896ef9ee711a63ebb2db75a3035be3c5a9720cd40417aa040bba77972d003b228b2c93103752e63ca2992cd182a3a4cda0bd4735a4a5c6614fcb640943358263bc83bbdcead8a0e030bb8d809c2ccda7cf2cdbdf2ec2ea7f63fc3d147625ba16c7ab1572fd9c8961307387f10fb6090f102cb4c44e66724cc1820312856ca417ea22ef3a9f3a59615ae7720a632fd77b2dfe1d69e8edcb755424af2994143e01498d5df68728d652e4c9c84c3e2f96a92e61bf3df36e0dbe06d5ac3501a102d5e5091e27291577f44b9aa2905e1a1c1938aec46a8c6b7c807dc130f3992dda65a0c514a52043489b09a3b050d7717dad7144924a58bf7c62e4be1acd48b6095886b4d2026f2e42828fdd4c839edd9a5e19e368ae8434a9be8b41d2a6ebd192457d2892a21e26454d618aee"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xcbca}, @TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "46d32ffc4044e1df4f3f4b3d70365536aedd2e579a4c428763e907df"}}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xff}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "14ed5100250902e89d947f8754aa9dd68a96db86c2"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5c34a615}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}, @TIPC_NLA_NODE={0x7c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xc82}, @TIPC_NLA_NODE_ID={0x6a, 0x3, "e67e2d7036404043556e1bde061240de43d4c48fb72479c135a0dd718d60b1e3dc2f5a2be1bd69aedf872c27d97a69344d32d5a21a831cca238473e5a83410230f86f1111d0e15491c79b5fb85f962f7df37dd55b50145e07f9b1de1fcc8dabed9ad452be150"}]}]}, 0x11f8}, 0x1, 0x0, 0x0, 0x10}, 0x8040) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_ASSOCIATE(r4, &(0x7f0000000bc0)={&(0x7f0000000ac0), 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB='3\f\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) syz_genetlink_get_family_id$ipvs(&(0x7f0000000f00), r2) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000ec0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000e80)={&(0x7f0000000200)={0xc64, r3, 0x100, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0xa6, 0x73}}}}, [@NL80211_ATTR_TID_CONFIG={0xc3c, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xc2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xf0}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8865}]}, {0x54, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x58}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x53}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x414, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xfeff}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xb1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x3d8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x5c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3b, 0x2, [{0x7, 0x5}, {0x4, 0x3}, {0x5, 0x1}, {0x2, 0x4}, {0x0, 0x4}, {0x2, 0x8}, {0x0, 0x2}, {0x5, 0x4}, {0x3, 0x6}, {0x4, 0x1}, {0x4}, {0x7, 0x2}, {0x5, 0x9}, {0x0, 0x8}, {0x2, 0xa}, {0x0, 0x3}, {0x4, 0x6}, {0x2, 0x14}, {0x5, 0x2}, {0x4, 0x5}, {0x4, 0x3}, {0x4, 0x1}, {0x3, 0x1}, {0x3, 0x9}, {0x2, 0xa}, {0x1, 0x4}, {0x5, 0x8}, {0x1, 0x9}, {0x5, 0xa}, {0x7, 0x2}, {0x2, 0x4}, {0x3, 0x5}, {0x6, 0x3}, {0x4, 0x8}, {0x5}, {0x7, 0x6}, {0x5, 0xa}, {0x1, 0x4}, {0x0, 0x4}, {0x4, 0x5}, {0x1, 0x6}, {0x1, 0x4}, {0x4, 0x6}, {0x7, 0x2}, {0x7, 0x1}, {0x2, 0x3}, {0x4}, {0x5, 0x7}, {0x7, 0x8}, {0x0, 0x9}, {0x6, 0x1}, {0x5, 0x7}, {0x4, 0x2}, {0x5, 0x9}, {0x7, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x20, 0x1f, 0x3, 0x5b0a, 0xb, 0x401, 0x9, 0x83]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x8001, 0xffb9, 0x1000, 0x3, 0x9, 0x81, 0x1000]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x9, 0x3, 0x2, 0x1, 0x8, 0x6, 0xea5]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x23d5f369711c9252, 0xc, 0x6c, 0x12]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x16, 0x49, 0x18, 0x1b, 0x48, 0x16, 0x9, 0x9, 0x1, 0x3, 0x0, 0x48, 0x6, 0x6c, 0x9, 0x2, 0x14, 0x48, 0x1, 0xc, 0x3f]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x30, 0x30, 0x2e, 0x9, 0x3, 0x6f]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff9, 0xb569, 0x9bd, 0x0, 0x5c9, 0x1, 0x100, 0x1000]}}]}, @NL80211_BAND_5GHZ={0x10c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x9, 0x1, 0x3ff, 0x800, 0x80, 0x0, 0x35]}}, @NL80211_TXRATE_HT={0x34, 0x2, [{0x7, 0x2}, {0x1, 0x6}, {0x0, 0x9}, {0x2, 0x9}, {0x0, 0x6}, {0x1, 0x7}, {0x0, 0xa}, {0x1, 0xa}, {0x4}, {0x4, 0x4}, {0x0, 0x2}, {0x0, 0x9}, {0x4, 0x8}, {0x6, 0x7}, {0x6}, {0x3, 0x4}, {0x3, 0x5}, {0x4, 0x8}, {0x6, 0x5}, {0x3, 0x3}, {0x1, 0xa}, {0x4, 0x2}, {0x0, 0x3}, {0x1, 0x6}, {0x5, 0x7}, {}, {0x3, 0x1}, {0x0, 0x5}, {0x1, 0xa}, {0x2, 0x8}, {0x6, 0x5}, {0x5, 0x6}, {0x7, 0x4}, {0x1, 0x4}, {0x2, 0x9}, {0x0, 0x6}, {}, {0x4, 0x6}, {0x4, 0x3}, {0x7, 0x8}, {0x5, 0x5}, {0x5}, {0x0, 0x2}, {0x2, 0x3}, {0x4, 0x3}, {0x0, 0x5}, {0x0, 0x1}, {0x4, 0x6}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff80, 0x7fff, 0x6, 0x1c64, 0xff, 0x0, 0x3, 0x6]}}, @NL80211_TXRATE_HT={0x34, 0x2, [{}, {0x7, 0x8}, {0x1, 0x8}, {0x5, 0xa}, {0x1, 0x9}, {0x2, 0x7}, {0x3}, {0x4, 0x4}, {0x4, 0x3}, {0x2, 0xa}, {0x7, 0x9}, {0x6}, {0x1, 0xa}, {0x2, 0xa}, {0x3, 0x9}, {0x6, 0x3}, {}, {0x2, 0x3}, {0x0, 0x3}, {0x1, 0x9}, {0x2, 0x1}, {0x4, 0x3}, {0x4, 0x4}, {0x3, 0x2}, {0x7, 0x1}, {0x5, 0x6}, {0x6, 0x8}, {0x4, 0x5}, {0x2, 0x3}, {0x1, 0x4}, {0x3, 0x1}, {0x7, 0x5}, {0x5, 0x3}, {0x2, 0x5}, {0x5, 0x5}, {}, {0x4}, {0x5, 0x2}, {0x4, 0x8}, {0x2, 0x1}, {0x7, 0xa}, {0x6, 0x4}, {0x1, 0x3}, {0x4, 0x9}, {0x0, 0x5}, {0x0, 0x5}, {0x6, 0x7}, {0x2, 0x1}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x101, 0x9, 0x7, 0x200, 0x7, 0xfbde, 0x8000, 0x9]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x43, 0x2, [{0x6, 0xa}, {0x1, 0x2}, {0x0, 0x4}, {}, {0x1}, {0x1, 0x7}, {0x5, 0x4}, {0x0, 0x5}, {0x0, 0x9}, {0x3, 0x4}, {0x0, 0x3}, {0x3, 0x1}, {0x1, 0x4}, {0x7, 0x7}, {0x5, 0xa}, {0x7, 0x1}, {0x5, 0x1}, {0x0, 0x5}, {0x6, 0x3}, {0x6, 0x4}, {0x4, 0x8}, {0x6, 0x4}, {0x6, 0x2}, {}, {0x3, 0x9}, {0x1, 0x3}, {0x6, 0x8}, {0x5, 0x8}, {0x4, 0x8}, {0x6, 0x2}, {0x0, 0x9}, {0x0, 0x7}, {0x0, 0x4}, {0x1, 0x7}, {0x5, 0xa}, {0x1, 0x9}, {0x3, 0x8}, {0x3, 0x6}, {0x7, 0x2}, {0x4, 0x5}, {0x2, 0xa}, {0x0, 0xa}, {0x4, 0x8}, {0x1, 0x4}, {0x2, 0xa}, {0x1, 0x5}, {0x0, 0x1}, {}, {0x0, 0x7}, {0x6, 0x9}, {0x6}, {0x0, 0x1}, {0x7, 0x1}, {0x2, 0x6}, {0x2, 0x3}, {0x3, 0x7}, {0x7}, {0x5, 0x8}, {0x1}, {0x0, 0x1}, {0x6, 0x1}, {0x0, 0x7}, {0x4, 0x8}]}]}, @NL80211_BAND_6GHZ={0xc0, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x80, 0x2, 0xfffa, 0x7f, 0x5, 0x0, 0x3ff]}}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x6, 0x0, 0x5, 0xb, 0x3, 0x48, 0x18, 0x30, 0x5]}, @NL80211_TXRATE_HT={0x1f, 0x2, [{0x3, 0x9}, {0x4, 0x6}, {0x1, 0x7}, {0x5, 0x5}, {0x1, 0x3}, {0x6, 0x2}, {0x4}, {0x6, 0x8}, {0x5, 0x8}, {0x2, 0xa}, {0x1, 0x7}, {0x6, 0x2}, {0x4, 0x9}, {0x1, 0x8}, {0x0, 0xa}, {0x5, 0x7}, {0x1, 0x9}, {0x2, 0x9}, {0x3, 0x6}, {0x5, 0x4}, {0x0, 0x8}, {0x2}, {0x6, 0x6}, {0x4, 0xa}, {0x6, 0xa}, {0x7, 0x3}, {0x3, 0xa}]}, @NL80211_TXRATE_HT={0x2d, 0x2, [{0x0, 0x4}, {0x4, 0x3}, {0x0, 0x7}, {0x4}, {0x0, 0x2}, {0x7, 0x2}, {0x4, 0x4}, {0x0, 0x3}, {0x1, 0x9}, {0x3, 0x9}, {0x7, 0x1}, {0x5, 0x4}, {0x3, 0x1}, {0x0, 0x2}, {0x4, 0x2}, {0x1, 0x8}, {0x2, 0x4}, {0x4, 0x5}, {0x5, 0x8}, {0x2, 0x1}, {0x1, 0x5}, {}, {0x3}, {0x6, 0x1}, {0x3, 0x8}, {0x5, 0xa}, {0x6, 0x2}, {0x4, 0x3}, {0x4}, {0x5, 0x7}, {0x0, 0x3}, {0x7, 0x4}, {0x6, 0x4}, {0x1, 0x4}, {0x0, 0x1}, {0x0, 0x8}, {0x5, 0x6}, {0x1, 0x1f}, {0x6, 0x3}, {0x2}, {0x1, 0x9}]}, @NL80211_TXRATE_HT={0x46, 0x2, [{0x0, 0x4}, {0x6, 0x4}, {0x1, 0xa}, {0x6, 0x7}, {0x7}, {0x4, 0x5}, {0x5, 0x3}, {0x6, 0x2}, {0x7, 0x6}, {0x0, 0xa}, {0x3, 0xa}, {0x2, 0x6}, {0x7, 0x6}, {0x4, 0x2}, {0x3, 0x8}, {0x7, 0x6}, {0x0, 0x9}, {0x0, 0x7}, {0x2, 0x3}, {0x7}, {0x1}, {0x0, 0x3}, {0x2, 0xa}, {0x0, 0x9}, {0x7}, {0x4, 0x6}, {0x6}, {0x5, 0xa}, {0x0, 0x5}, {0x2, 0x7}, {0x1, 0x3}, {0x7, 0x6}, {0x7, 0x9}, {0x6, 0x6}, {0x7, 0x3}, {0x3, 0x3}, {0x0, 0x9}, {0x1, 0x8}, {}, {0x2, 0xa}, {0x7, 0x3}, {0x1, 0xa}, {0x0, 0x3}, {0x3, 0x8}, {0x4}, {0x3, 0x6}, {0x2, 0x3}, {0x6, 0x5}, {0x6}, {0x4, 0x1}, {0x1, 0x3}, {0x7, 0x9}, {0x1, 0x2}, {0x4, 0x9}, {0x4, 0x2}, {0x7, 0x9}, {}, {0x7}, {0x0, 0x2}, {0x7, 0x8}, {0x5, 0x6}, {0x4, 0x5}, {0x7, 0x4}, {0x4, 0x4}, {0x4, 0x6}, {0x1, 0x5}]}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x1, 0x0, 0xbdb, 0x8, 0x3, 0x800, 0x9]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0xf8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x6, 0x2}, {0x6, 0x2}, {0x0, 0x7}, {0x5, 0x8}, {0x1, 0x7}, {0x2, 0x6}, {0x7, 0x4}, {0x7}, {0x5, 0x8}, {0x7, 0x9}, {0x0, 0x7}, {0x4, 0x5}, {0x6, 0xa}, {0x5, 0x9}, {0x5}, {0x0, 0x9}, {0x3}, {0x3, 0x8}, {0x0, 0x5}, {0x0, 0x2}, {0x1, 0x1}, {0x2, 0xa}, {0x7, 0xa}, {0x5, 0x2}, {0x0, 0x9}, {0x6}, {0x0, 0x6}, {0x6, 0x2}, {0x7, 0x6}, {0x0, 0x3}, {0x6, 0x9}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x5, 0xa}, {0x0, 0x8}, {0x7, 0x8}, {0x4}, {}, {0x2, 0x9}, {0x1, 0xa}, {0x5, 0x8}, {0x4, 0x15}, {0x1, 0x7}, {0x2, 0x8}, {0x5}, {0x4, 0x7}, {0x3, 0xa}, {0x0, 0x5}, {0x7, 0x8}, {0x3, 0x6}, {0x0, 0x9}, {0x7, 0x2}, {0x4, 0xa}, {0x7, 0x9}, {0x0, 0x5}, {0x0, 0x5}, {0x5, 0x7}, {0x5, 0x8}, {0x7, 0x6}, {0x7}, {0x3}, {0x5, 0x7}, {0x2, 0x4}, {0x1, 0x4}, {0x7, 0x5}, {0x3, 0x7}, {0x4, 0x6}, {0x3, 0x5}, {0x3, 0x4}, {0x1, 0x5}, {0x0, 0x9}, {0x3, 0x5}, {0x4, 0x4}, {0x6, 0x4}, {0x4, 0x3}, {0x3, 0xa}, {0x2, 0x1}, {0x2, 0x4}, {0x2, 0x8}, {0x1, 0x9}, {0x0, 0x3}, {0x0, 0x7}, {0x1, 0x5}, {0x7, 0x5}, {0x6, 0x5}, {0x6, 0xa}, {0x0, 0x3}, {0x1, 0x6}, {0x5, 0x9}, {0x2, 0x3}, {0x1, 0x1}, {0x0, 0x3}, {0x0, 0x8}, {0x7, 0x4}, {0x6, 0x4}, {0x1, 0xa}, {0x3, 0x8}, {0x0, 0x5}, {0x6, 0x7}, {0x1, 0x5}, {0x4, 0x7}, {0x3, 0x1}, {0x7, 0x6}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1, 0x4, 0x8001, 0x5ec, 0xff, 0x0, 0xfff]}}, @NL80211_TXRATE_HT={0x3c, 0x2, [{0x6, 0x9}, {0x5, 0x5}, {0x1, 0x5}, {0x5, 0x9}, {0x6, 0x6}, {0x0, 0x6}, {0x5, 0x4}, {0x7, 0xc}, {0x6}, {0x5, 0x8}, {0x5, 0x9}, {0x4, 0x5}, {0x3, 0xa}, {0x4, 0x3}, {0x1, 0x2}, {0x3, 0x3}, {0x4, 0x1}, {0x1, 0xa}, {0x1, 0x5}, {0x2, 0x9}, {0x3, 0x2}, {0x0, 0x6}, {0x7, 0x2}, {0x7, 0x9}, {0x6, 0x1}, {0x0, 0x4}, {0x6, 0x4}, {}, {0x0, 0x2}, {0x1, 0x8}, {0x5, 0x4}, {0x1, 0x4}, {0x3, 0x7}, {0x3, 0x7}, {0x6, 0x4}, {0x7, 0x6}, {0x0, 0x7}, {0x7, 0x3}, {0x3, 0x8}, {0x6, 0x9}, {0x5, 0x9}, {0x0, 0x6}, {0x4, 0x4}, {0x3, 0x3}, {0x2, 0x8}, {0x6, 0x1}, {0x6, 0x9}, {0x5}, {0x6, 0x1}, {0x0, 0x9}, {0x1, 0x7}, {0x6, 0x2}, {0x5}, {0x4, 0x8}, {0x3, 0x3}, {0x2, 0x2}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x4, 0x12, 0x30, 0x60, 0x36, 0x1b, 0x60, 0xb, 0x12, 0x9, 0x1b, 0x269853f7fd3775c7, 0x9, 0x24, 0xc, 0x16, 0x6c, 0x9, 0x5, 0x24, 0x2, 0x18, 0x24, 0x12, 0x36, 0x60, 0xc, 0x1b, 0x4]}]}]}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x4c}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x5f}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x778, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xc0}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x57c, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x88, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0xfff, 0x1, 0x8000, 0x4, 0x9, 0x1, 0xffff]}}, @NL80211_TXRATE_HT={0x16, 0x2, [{0x6, 0xa}, {0x1}, {0x3, 0x2}, {0x3, 0x9}, {0x7, 0xa}, {0x1, 0x1}, {0x5, 0x6}, {0x0, 0x8}, {0x5, 0xa}, {0x0, 0x3}, {0x3, 0x3}, {0x0, 0x4}, {0x4, 0x6}, {0x0, 0xa}, {0x4, 0x2}, {0x7, 0x1}, {0x4, 0x6}, {0x6, 0x9}]}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x0, 0x6}, {0x6, 0x5}, {0x3, 0x5}, {0x6, 0x4}, {0x3}, {0x0, 0x1}, {0x4, 0x1}, {0x6, 0xa}, {0x5, 0x4}, {0x1, 0x4}, {0x2, 0x2}, {}, {0x5, 0xa}, {0x4, 0x7}, {0x7}, {0x5, 0x8}, {0x2, 0xa}, {0x0, 0x2}, {0x3, 0x9}, {}, {0x0, 0x8}, {0x2, 0x7}, {0x5, 0xa}, {0x6, 0x6}, {0x4, 0x9}, {0x3, 0xa}, {0x0, 0x3}, {0x6, 0x7}, {0x2, 0x4}, {0x1, 0x1a}, {0x7, 0x2}, {0x4, 0x3}, {0x4, 0x1}, {0x6, 0x8}, {0x0, 0x8}, {0x5, 0x7}, {0x5, 0xf}, {0x1, 0x7}, {0x1, 0x3}, {0x3, 0x9}, {0x1, 0x7}, {0x4, 0x8}, {0x4, 0x3}, {0x6, 0x4}, {0x3, 0x2}, {0x0, 0x9}, {0x7}, {0x0, 0x4}, {0x0, 0x6}, {0x0, 0x6}, {0x0, 0x7}, {0x3, 0x8}, {0x1, 0x4}, {0x2}, {0x0, 0x4}, {0x3, 0x5}, {0x5}, {0x0, 0xa}, {0x3, 0x8}, {0x3, 0x8}, {}]}, @NL80211_TXRATE_HT={0x6, 0x2, [{0x4, 0x8}, {0x0, 0x3}]}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x0, 0x2}, {0x0, 0x7}, {0x5, 0x2}, {0x7, 0x5}, {0x4, 0x1}]}]}, @NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x6, 0x1, 0x80, 0x6, 0x2, 0x9, 0x5]}}, @NL80211_TXRATE_HT={0x8, 0x2, [{0x1, 0x5}, {0x5, 0x2}, {0x4, 0xa}, {0x4, 0x4}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x3}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xcc00, 0x1da3, 0xfff, 0x7f, 0xae, 0x8, 0x1, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x5, 0x40, 0x1000, 0x400, 0x720, 0x9, 0x8000]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x130, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x16]}, @NL80211_TXRATE_HT={0x50, 0x2, [{0x5, 0x3}, {0x0, 0x4}, {0x4}, {0x5, 0x2}, {0x7, 0xa}, {0x0, 0x2}, {0x0, 0x7}, {0x4, 0x6}, {0x5, 0x8}, {0x2, 0x5}, {0x1, 0x7}, {0x3, 0x2}, {0x0, 0x2}, {0x0, 0x8}, {0x7, 0x9}, {0x0, 0x6}, {0x5, 0x7}, {0x0, 0x3}, {0x3, 0xa}, {0x7, 0xa}, {0x0, 0x8}, {0x7, 0xa}, {0x3, 0x5}, {0x1, 0x4}, {0x1, 0x7}, {0x6, 0x1}, {0x6, 0x3}, {0x6, 0x3}, {0x3, 0x3}, {0x1, 0x9}, {0x2, 0x7}, {0x1, 0x1}, {0x6, 0x7}, {0x7, 0x5}, {0x6, 0x7}, {0x1, 0x8}, {0x4, 0xa}, {0x2, 0x9}, {0x2, 0x4}, {0x7}, {0x5, 0x4}, {0x1, 0x3}, {0x7, 0x9}, {0x2, 0x2}, {0x3, 0x8}, {0x3, 0x7}, {0x5, 0x1}, {0x7, 0x5}, {0x4, 0x8}, {0x1, 0x1}, {0x6}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x9}, {0x4, 0x3}, {}, {0x7, 0x7}, {0x5, 0x1}, {0x0, 0x7}, {0x6, 0x5}, {0x4, 0x4}, {0x6}, {0x3, 0x7}, {0x2, 0x7}, {0x4, 0x1}, {0x2}, {0x7, 0x7}, {0x5, 0x2}, {0x7, 0x1}, {0x4, 0x4}, {0x3, 0x9}, {0x0, 0x3}, {0x7, 0x2}, {0x6, 0x4}, {0x0, 0x1}, {0x3, 0x8}]}, @NL80211_TXRATE_HT={0x38, 0x2, [{0x3, 0x2}, {0x1}, {0x5, 0x2}, {0x0, 0xa}, {0x4, 0x7}, {0x1, 0x6}, {0x1, 0xa}, {0x2, 0x9}, {0x1, 0x6}, {0x7, 0xa}, {0x4, 0x2}, {0x0, 0xa}, {0x0, 0x4}, {0x0, 0x9}, {0x2, 0x9}, {0x0, 0x4}, {0x7, 0x4}, {0x1, 0x4}, {0x0, 0x4}, {0x5, 0x9}, {0x0, 0x2}, {0x7, 0x5}, {0x6, 0x4}, {0x1, 0x5}, {0x4, 0x1}, {0x1, 0x3}, {0x3, 0x4}, {0x7, 0x1}, {0x7}, {0x7, 0x1}, {0x7, 0x7}, {0x1, 0x1}, {0x0, 0xa}, {0x0, 0x9}, {0x0, 0x9}, {0x1}, {0x1}, {0x7, 0x5}, {0x6, 0x7}, {0x2, 0x2}, {0x5, 0x5}, {0x7, 0x8}, {0x3, 0x4}, {0x5, 0x4}, {0x5, 0x2}, {0x7, 0x7}, {0x7, 0x6}, {0x7, 0xa}, {0x2}, {0x0, 0x1}, {0x7, 0x9}, {0x7, 0x4}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1f, 0x8, 0x40, 0x6, 0xf000, 0x800, 0x7, 0x200]}}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x7, 0x6}, {}, {0x3}, {0x3, 0x5}, {0x5, 0x9}, {0x4, 0xa}, {0x5, 0x9}, {0x0, 0x2}, {0x2, 0x4}, {0x5, 0x9}, {0x1, 0x7}, {0x0, 0xa}, {0x0, 0x2}, {0x7, 0x1}, {0x6, 0x5}, {0x0, 0x9}, {0x5}, {0x2, 0x9}, {0x0, 0x8}, {0x6, 0x4}, {0x1, 0x4}, {0x5, 0x5}, {0x5, 0x3}, {0x7, 0xa}, {0x1, 0x6}, {0x5, 0xa}, {0x6}, {0x6, 0xa}, {}, {0x6, 0x5}, {0x3, 0x4}, {0x0, 0x3}, {0x4, 0x5}, {0x7, 0x4}, {0x5, 0x6}, {0x7, 0x4}, {0x2, 0x2}, {0x2}, {0x7, 0x8}, {0x6, 0x5}, {0x5, 0x8}, {0x1, 0xa}, {0x0, 0x4}, {0x1, 0x9}, {0x7, 0x5}, {0x2, 0xa}, {0x4, 0x6}, {0x6, 0x5}, {0x0, 0x8}, {0x5}, {0x4, 0x8}, {0x3, 0x4}, {0x0, 0x4}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x1b, 0xb, 0x3, 0x16, 0x12, 0x6c]}, @NL80211_TXRATE_HT={0x2d, 0x2, [{0x1}, {0x7, 0x3}, {0x6, 0x9}, {0x0, 0x6}, {0x2, 0x2}, {0x0, 0x2}, {0x1, 0x8}, {0x3, 0x2}, {0x0, 0x7}, {0x3, 0x2}, {0x2}, {0x6, 0x6}, {0x2, 0x3}, {0x1, 0x2}, {0x3, 0x4}, {0x0, 0x1}, {0x5, 0x3}, {0x5, 0x2}, {0x7, 0x4}, {0x5, 0x1}, {0x5, 0x2}, {0x0, 0x7}, {0x4, 0xa}, {0x7, 0x5}, {0x1, 0x7}, {0x1, 0x3}, {}, {0x6}, {0x3, 0x8}, {0x6, 0x5}, {0x0, 0x5}, {0x0, 0x1}, {0x1, 0x4}, {0x7, 0x2}, {0x6, 0x9}, {0x6, 0xa}, {0x6, 0x5}, {0x3}, {0x1, 0x8}, {0x3, 0x6}, {0x4, 0x3}]}]}, @NL80211_BAND_2GHZ={0x60, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1e, 0x2, [{0x1, 0x9}, {0x1, 0x1}, {0x7}, {0x0, 0x2}, {0x4}, {0x2, 0x2}, {0x5, 0xa}, {0x3, 0x3}, {0x1, 0x2}, {0x0, 0x2}, {0x3, 0xa}, {}, {0x1}, {0x2, 0x8}, {0x2, 0x7}, {0x5, 0x5}, {0x5, 0x5}, {0x5, 0x7}, {0x0, 0x9}, {0x6, 0xa}, {0x1, 0x7}, {0x0, 0x4}, {0x6, 0x7}, {0x4, 0x6}, {0x7, 0x4}, {0x3, 0x8}]}, @NL80211_TXRATE_HT={0x3a, 0x2, [{0x0, 0x8}, {0x0, 0x1}, {0x4, 0xa}, {0x4, 0x1}, {0x3, 0x6}, {0x2, 0x6}, {0x1, 0x9}, {0x0, 0x5}, {0x3, 0x1}, {0x4, 0x6}, {0x7}, {0x6, 0x5}, {0x6, 0x9}, {0x4, 0x3}, {0x0, 0x9}, {0x4, 0x3}, {0x3, 0x8}, {0x2, 0x9}, {0x0, 0x8}, {0x4}, {0x6, 0xa}, {0x6, 0x3}, {0x5, 0x9}, {0x5}, {0x0, 0x6}, {0x3, 0x9}, {0x0, 0x7}, {0x1, 0x6}, {0x6}, {0x4}, {0x1, 0x2}, {0x1, 0x6}, {0x7}, {0x0, 0x4}, {0x1, 0x9}, {0x7, 0x8}, {0x2}, {0x3, 0x8}, {0x7, 0x4}, {0x4, 0x2}, {0x6, 0x6}, {0x2, 0x4}, {0x0, 0x2}, {0x0, 0x6}, {0x3, 0x6}, {0x1, 0xa}, {0x0, 0x3}, {}, {0x3, 0x8}, {0x6, 0x1}, {0x4, 0x3}, {0x7, 0x6}, {0x4, 0x1}, {}]}]}, @NL80211_BAND_60GHZ={0xb4, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x80, 0xffff, 0x8, 0x7, 0x22, 0x7fff, 0x4, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x5, 0x40, 0x2, 0xfffd, 0x800, 0x5, 0x1ff]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x24, 0x2, [{0x0, 0x2}, {0x1, 0x8}, {0x3}, {0x4, 0x6}, {0x5, 0xa}, {0x5, 0x9}, {0x2, 0xa}, {0x4, 0x3}, {0x7, 0x2}, {0x0, 0x9}, {0x5, 0x7}, {0x4, 0x5}, {0x5, 0x1}, {0x3, 0x8}, {0x6, 0x4}, {}, {0x7, 0x3}, {0x2, 0x8}, {0x3, 0x1}, {0x7, 0x1}, {0x5, 0x3}, {0x6, 0x7}, {0x0, 0x6}, {0x3, 0xa}, {0x7}, {0x3, 0x4}, {0x0, 0xa}, {0x2, 0x3}, {0x0, 0x1}, {0x5, 0x2}, {0x2, 0x9}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x3, 0x0, 0x8, 0x2eb4, 0xd520, 0x2, 0x9fb]}}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x1b, 0x16, 0x1b, 0x24, 0x3, 0x3, 0xc, 0x6c, 0x4, 0xb]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x140, 0x4, 0x1, 0x4, 0x33, 0xfffa, 0x0, 0x4]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3ff, 0x1f, 0x1, 0x0, 0x6f, 0x3, 0x6, 0x3]}}]}, @NL80211_BAND_5GHZ={0x3c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x401, 0x3, 0x5, 0x0, 0x3, 0x1ff, 0x20]}}, @NL80211_TXRATE_LEGACY={0x10, 0x1, [0xb, 0xb, 0x5, 0x48, 0x24, 0x5, 0x3, 0x48, 0x34, 0x12, 0xc, 0x5]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7f, 0xc73, 0x3, 0x1f, 0x20, 0x80, 0x1, 0x4000]}}]}, @NL80211_BAND_5GHZ={0x84, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x43, 0x2, [{0x2, 0x8}, {}, {0x4, 0x7}, {0x0, 0x3}, {0x6, 0x3}, {0x1, 0xa}, {0x3, 0x1}, {0x4, 0x1}, {0x0, 0x2}, {0x4, 0x5}, {0x0, 0x8}, {0x7}, {0x5, 0x6}, {0x4, 0xa}, {0x0, 0x6}, {0x7, 0x3}, {0x4, 0x9}, {0x5, 0x3}, {0x0, 0x2}, {0x4, 0x9}, {0x0, 0x5}, {0x1, 0x3}, {0x3, 0x5}, {}, {0x1, 0x7}, {0x2, 0x2}, {0x1, 0x4}, {0x4, 0x9}, {0x4, 0xa}, {0x7, 0x2}, {0x5, 0x9}, {0x1, 0x9}, {0x3, 0x9}, {}, {0x1, 0x2}, {0x1, 0x3}, {0x0, 0x7}, {0x7, 0x1}, {0x5}, {0x6, 0xa}, {0x4, 0xf}, {0x1, 0x2}, {0x3, 0x9}, {0x4, 0x3}, {0x3, 0x9}, {0x0, 0x9}, {0x7, 0x9}, {0x4, 0x9}, {0x7, 0x9}, {0x1, 0x4}, {0x5}, {0x5, 0xa}, {0x5, 0x5}, {0x2}, {0x6, 0x6}, {0x0, 0x3}, {0x0, 0x9}, {0x2, 0x6}, {0x3, 0x6}, {0x6, 0x8}, {0x1, 0x9}, {0x1, 0x5}, {0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0xb78, 0x1000, 0x9, 0x4, 0x7fff, 0x8000, 0x3]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x822d, 0xffff, 0x6, 0x7, 0x3, 0x72a, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x4, 0xfff, 0x1ff, 0x77, 0x7, 0x7ff, 0x3ff]}}]}, @NL80211_BAND_5GHZ={0xac, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x24, 0x1, [0x60, 0x2, 0x1b, 0x48, 0x4, 0x4, 0x0, 0x18, 0x3, 0x1, 0x24, 0x12, 0x1b, 0x6, 0x1, 0x621301444b84e3e8, 0x1, 0x30, 0x24, 0x60, 0x6c, 0x9, 0xb, 0x6c, 0x12, 0x1b, 0x74, 0x24, 0x6c, 0x6c, 0x24, 0x3]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x7, 0x3f, 0x3, 0x401, 0x7ff, 0x1000, 0x3]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x60, 0x22, 0x16, 0x6c, 0x1, 0x13, 0x30, 0x6, 0x6c, 0x18, 0x6c, 0x3b, 0x6, 0x60, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1d, 0x81, 0x976b, 0xdf59, 0x1f, 0x0, 0x0, 0x8001]}}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x2}, {0x2, 0x2}, {0x2, 0x5}, {0x0, 0x7}, {0x7, 0x5}, {0x0, 0xa}, {0x3, 0x9}, {0x3, 0xa}, {0x2, 0x5}, {0x2, 0x8}, {0x0, 0x5}, {0x6, 0x3}, {0x4, 0x9}, {0x0, 0x8}, {0x1}, {0x3, 0x4}, {0x0, 0x9}, {0x6, 0x8}, {0x1, 0xa}, {0x7, 0x5}, {0x7, 0x5}, {0x3, 0xa}, {0x7, 0x5}, {0x7, 0x2}, {0x7, 0x6}, {0x2, 0x4}, {0x1, 0x5}, {0x5, 0x9}, {0x3, 0x9}, {0x5, 0x8}, {0x0, 0x4}, {0x5, 0x5}, {0x3, 0x5}, {0x1, 0x8}, {0x4, 0x3}, {0x0, 0x2}, {0x6, 0xa}, {0x4, 0x2}, {0x2, 0x4}, {0x4, 0xa}, {0x2, 0x9}, {0x1, 0x6}, {0x2, 0x8}, {0x4, 0x5}, {0x1, 0x4}, {0x3, 0xa}, {0x6, 0xa}, {0x7, 0x6}, {0x3, 0x1}, {0x7, 0x5}, {}, {0x5}, {0x1, 0x4}, {0x5, 0x3}, {0x1, 0x6}, {0x5, 0x7}, {0x0, 0x1}, {0x1, 0x8}, {0x2, 0x8}, {0x7, 0x2}, {0x0, 0x5}, {0x0, 0x8}, {0x1, 0x4}, {0x4, 0x3}]}, @NL80211_TXRATE_HT={0x4}]}, @NL80211_BAND_2GHZ={0xe0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x11, 0x2, [{}, {0x0, 0x2}, {}, {0x4, 0x1}, {0x5, 0x2}, {0x2, 0x2}, {0x7, 0x5}, {0x2, 0x5}, {0x1, 0x2}, {0x7, 0x5}, {0x0, 0x3}, {0x4, 0x9}, {0x7, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0xfc00, 0x9, 0x41, 0x21a0, 0xfff7, 0x7ff, 0x1ff]}}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x24, 0x12, 0x21, 0x1, 0x2, 0x1b, 0x9, 0x1, 0x60, 0x9, 0x36, 0x12, 0x30, 0xd, 0x9, 0x1b, 0x85944a49225f1b2a, 0x5]}, @NL80211_TXRATE_HT={0xe, 0x2, [{0x5, 0x6}, {0x3, 0x1}, {0x0, 0x7}, {0x5, 0xa}, {0x0, 0x2}, {0x1, 0xa}, {0x4, 0x5}, {0x6, 0x9}, {0x0, 0x9}, {0x2, 0x8}]}, @NL80211_TXRATE_LEGACY={0x9, 0x1, [0x4, 0x16, 0x5, 0x24, 0x16]}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x7e, 0xc, 0x24, 0x6c, 0xb, 0x3, 0x48, 0x0, 0x3, 0x2]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x2, 0x24, 0x30, 0x3, 0x6c, 0x6c, 0x4, 0x24, 0x24, 0x6c, 0x48, 0x1b, 0x5, 0x3, 0x6, 0x0, 0xb, 0x24, 0x1b, 0x60, 0x4, 0x4, 0x1b, 0x6, 0x6c, 0x1, 0x1b, 0x5, 0x2, 0x60, 0x60]}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0xca6dad6af363aba7, 0x60, 0x1, 0x9, 0x36, 0x60, 0x60, 0xc, 0x5, 0x1b, 0xc, 0x4, 0x60, 0x18, 0x24, 0xb, 0x1, 0x1, 0x3, 0x9, 0x6, 0x36, 0x5e, 0x30, 0x3, 0x24, 0x3, 0x6c, 0x36]}, @NL80211_TXRATE_HT={0x1d, 0x2, [{0x2, 0x8}, {0x3, 0x2}, {0x5, 0xa}, {0x4, 0x6}, {0x0, 0x6}, {0x3, 0x6}, {0x7, 0x3}, {0x2, 0x9}, {0x6, 0x1}, {0x2, 0xa}, {0x2, 0x8}, {0x0, 0x6}, {0x2, 0x1}, {0x6, 0xa}, {0x3}, {0x2, 0x7}, {0x2, 0x8}, {0x3, 0x8}, {0x6, 0x6}, {0x1, 0x6}, {0x0, 0xa}, {0x7, 0x8}, {0x2, 0x7}, {0x2}, {0x3, 0x4}]}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xe3}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x30, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x18, 0x1, [0x48, 0x48, 0x2, 0x1b, 0x1b, 0x17, 0x2, 0x12, 0x5, 0x16, 0x9, 0x36, 0x3, 0x0, 0x3b, 0x6, 0x12, 0xc, 0x60, 0xc]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x1a8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x23, 0x1, [0x5, 0x18, 0x24, 0x41, 0x36, 0x6c, 0x3, 0x0, 0xb, 0x5e, 0xc, 0x48, 0x60, 0x0, 0x1, 0x3, 0x1, 0x4, 0x24, 0x2, 0x5, 0x6c, 0x30, 0x90, 0x12, 0x16, 0x7c, 0x12, 0x6d, 0x1b, 0x9]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x1b, 0x16, 0x2, 0x5, 0x6, 0x16, 0x60, 0x3, 0x30, 0x4, 0x2, 0x6, 0x24, 0x6c, 0xc, 0xc, 0x2, 0x30, 0x6, 0x60, 0x30]}]}, @NL80211_BAND_6GHZ={0x44, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xf045, 0x8, 0x40d, 0xe77, 0x1, 0x101, 0x7, 0x5]}}, @NL80211_TXRATE_HT={0x6, 0x2, [{0x3, 0x6}, {0x4, 0x6}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x400, 0x0, 0x8000, 0x8, 0x7, 0x80, 0x9]}}]}, @NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6, 0x7, 0xfff9, 0x1945, 0x7, 0x1ff, 0xff]}}, @NL80211_TXRATE_HT={0x33, 0x2, [{0x3, 0x1}, {0x6, 0x9}, {0x6}, {0x3, 0x5}, {0x1, 0x9}, {0x6, 0x2}, {0x5, 0x7}, {0x3, 0x6}, {0x5, 0x2}, {0x4, 0x4}, {0x6, 0x2}, {0x6, 0x1}, {0x3, 0x5}, {0x2, 0xa}, {0x1, 0x2}, {0x4, 0x9}, {0x1, 0x3}, {0x3, 0xa}, {0x0, 0x8}, {0x3, 0x1}, {0x1, 0x3}, {0x7, 0x1}, {0x4, 0x3}, {0x3, 0x4}, {0x2, 0x2}, {0x2, 0x6}, {0x4, 0x1}, {0x3, 0x8}, {0x2, 0x9}, {0x2, 0x3}, {0x2, 0x7}, {0x2, 0xa}, {0x1, 0x4}, {0x1, 0x1}, {0x2, 0x2}, {0x3, 0x6}, {0x7}, {0x0, 0xa}, {0x0, 0x8}, {0x2, 0x4}, {0x0, 0x7}, {0x2, 0x5}, {0x3, 0x9}, {0x5, 0x9}, {0x4, 0x13}, {0x4, 0x4}, {0x3, 0x6}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x2, 0x2, 0x7ff, 0x5, 0x4, 0x6, 0xef6b]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x0, 0xfff9, 0x7f, 0x81, 0x2, 0xe2f]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0x1, 0x60, 0x24, 0x1, 0x30, 0x6c, 0x6, 0x24, 0x24, 0x16, 0x3, 0x5]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x4, 0x3, 0x81, 0x81, 0x1, 0x80, 0x6]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x36, 0x2, 0x4, 0x36, 0xc, 0xc, 0x6c, 0x6c, 0x71, 0x26, 0x1, 0x5, 0x48, 0x6c, 0x18, 0x1, 0x6, 0x18, 0x6, 0x2, 0x18, 0x12, 0x5, 0x3, 0x16, 0x16, 0x6c, 0x2, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x9, 0x9, 0x81, 0x8, 0x1000, 0x4, 0x6]}}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x6, 0x1, [0x22, 0x5]}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x24, 0x24, 0x2, 0x2]}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x1, 0xc, 0x9, 0x8, 0xb, 0x48, 0xb, 0xb, 0x24, 0x24]}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}]}, {0x4}]}]}, 0xc64}, 0x1, 0x0, 0x0, 0x10}, 0x4004040) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r6, r2, 0x0, 0x100000300) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 00:39:45 executing program 4: syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(r0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000480)) [ 112.449591][T10119] loop2: detected capacity change from 0 to 512 [ 112.469792][T10128] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 112.474598][T10129] loop1: detected capacity change from 0 to 264192 [ 112.491709][T10128] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 112.496432][T10119] FAULT_INJECTION: forcing a failure. [ 112.496432][T10119] name failslab, interval 1, probability 0, space 0, times 0 [ 112.513847][T10119] CPU: 1 PID: 10119 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 112.522611][T10119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.523746][T10128] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 112.532680][T10119] Call Trace: [ 112.532689][T10119] dump_stack_lvl+0xb7/0x103 [ 112.532711][T10119] dump_stack+0x11/0x1a [ 112.553950][T10119] should_fail+0x23c/0x250 [ 112.558372][T10119] ? getname_flags+0x84/0x3d0 [ 112.560984][T10128] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 112.563063][T10119] __should_failslab+0x81/0x90 [ 112.563083][T10119] should_failslab+0x5/0x20 [ 112.581838][T10119] kmem_cache_alloc+0x46/0x2e0 [ 112.586635][T10119] ? should_fail+0xd6/0x250 [ 112.591146][T10119] getname_flags+0x84/0x3d0 [ 112.595683][T10119] ? should_fail+0xd6/0x250 [ 112.600243][T10119] user_path_at_empty+0x28/0x50 [ 112.605099][T10119] __se_sys_mount+0x209/0x2e0 [ 112.609769][T10119] ? mntput+0x45/0x70 [ 112.613748][T10119] __x64_sys_mount+0x63/0x70 [ 112.618344][T10119] do_syscall_64+0x3d/0x90 [ 112.622834][T10119] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.628745][T10119] RIP: 0033:0x467b0a 00:39:45 executing program 4: r0 = syz_open_dev$sg(0x0, 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:45 executing program 4: r0 = syz_open_dev$sg(0x0, 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:45 executing program 4: r0 = syz_open_dev$sg(0x0, 0x0, 0x5) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:45 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x81) sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) syz_io_uring_setup(0x187, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0}, 0x10001) sendto$inet6(0xffffffffffffffff, &(0x7f0000001280)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a54cb7826db184a284c7a02ce539104970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5750700fe05f33e5f91045540836c95d6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d000000000000000000000958392ac1cfc29deb12b60a13c2b82350f9e4036aeb9499b467dfd65a3a6ae72eaf95fdc9e876c77b969ac6f2dcfecd8df1768ef598d3233caf04000000000000005a8e07f387e0e5438029d0f3bedc5fc7a43d40f06f9b8b893f65b297f87fff7db30f0b09d22ba55e32e2178fc042a11ec0be8909b247d403123c334a266048cecb1f66c97d52028da409b72b7c2a7e2380e8fc905289f78cc787f055e89b7d40fa2ae5ff7f071d2c77ee67191a814a96ac756b99e62e726871148e69a905770c76c907aedcf5f9054f2dfb568bed6327f36ec3c63e6d19b1cbb298d031f557fba3f85dabd36a2d31360bcf5c4971f6b7f0792f7fff1c922510dc41540b3334656507b270d5d53ee4459412a5f78cb2d852c6ee24b4666f667f58d89ea4b95bf581e55c55625cdd529cbf062e252ae940d868fa775db344", 0xfffffffffffffeb1, 0x800, 0x0, 0x0) r8 = socket$netlink(0x10, 0x3, 0x2) r9 = fork() sendmsg$netlink(r8, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r9, 0xee01, 0xee00}}}], 0x20}, 0x0) fcntl$setownex(r8, 0xf, &(0x7f0000001240)={0x1, 0xffffffffffffffff}) shutdown(r0, 0x1) r10 = accept4$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x1c, 0x91ba207da7d58bb) recvfrom$inet6(r10, &(0x7f0000000200)=""/4096, 0x1000, 0x20, &(0x7f0000001200)={0xa, 0x4e20, 0xfffffff7, @mcast1, 0xf9}, 0x1c) 00:39:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 112.632630][T10119] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.652239][T10119] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 112.660657][T10119] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 112.668628][T10119] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 112.676597][T10119] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 112.684572][T10119] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 112.692541][T10119] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 112.732389][ T25] kauditd_printk_skb: 57 callbacks suppressed [ 112.732400][ T25] audit: type=1400 audit(1628469585.293:161): avc: denied { ingress } for pid=10151 comm="syz-executor.5" saddr=::1 src=2 daddr=::1 dest=2 netif=lo scontext=system_u:object_r:semanage_trans_lock_t:s0 tcontext=system_u:object_r:netif_t:s0 tclass=netif permissive=1 00:39:45 executing program 3: set_mempolicy(0x2, &(0x7f0000000000)=0x100000001, 0x3) r0 = socket$inet6(0xa, 0x80003, 0xff) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f00000000c0)={'syzkaller1\x00', {0x2, 0x0, @private}}) ioctl$sock_inet6_udp_SIOCOUTQ(r4, 0x5411, &(0x7f0000000040)) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000140)={0xb0, {{0xa, 0x4e20, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x400}}}, 0x88) setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f0000fcb000), 0x4) [ 112.834407][ T25] audit: type=1400 audit(1628469585.293:162): avc: denied { recvfrom } for pid=10151 comm="syz-executor.5" saddr=::1 src=2 daddr=::1 dest=2 netif=lo scontext=system_u:object_r:semanage_trans_lock_t:s0 tcontext=system_u:object_r:node_t:s0 tclass=node permissive=1 [ 112.921287][ T25] audit: type=1400 audit(1628469585.293:163): avc: denied { recv } for pid=10151 comm="syz-executor.5" saddr=::1 src=2 daddr=::1 dest=2 netif=lo scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:semanage_trans_lock_t:s0 tclass=peer permissive=1 [ 112.941572][ T1040] loop0: p1 p2 p3 p4 [ 112.953400][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 112.959441][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 112.985840][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 113.001827][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:45 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000", 0x1c}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:45 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x81) sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) syz_io_uring_setup(0x187, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0}, 0x10001) sendto$inet6(0xffffffffffffffff, &(0x7f0000001280)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a54cb7826db184a284c7a02ce539104970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5750700fe05f33e5f91045540836c95d6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d000000000000000000000958392ac1cfc29deb12b60a13c2b82350f9e4036aeb9499b467dfd65a3a6ae72eaf95fdc9e876c77b969ac6f2dcfecd8df1768ef598d3233caf04000000000000005a8e07f387e0e5438029d0f3bedc5fc7a43d40f06f9b8b893f65b297f87fff7db30f0b09d22ba55e32e2178fc042a11ec0be8909b247d403123c334a266048cecb1f66c97d52028da409b72b7c2a7e2380e8fc905289f78cc787f055e89b7d40fa2ae5ff7f071d2c77ee67191a814a96ac756b99e62e726871148e69a905770c76c907aedcf5f9054f2dfb568bed6327f36ec3c63e6d19b1cbb298d031f557fba3f85dabd36a2d31360bcf5c4971f6b7f0792f7fff1c922510dc41540b3334656507b270d5d53ee4459412a5f78cb2d852c6ee24b4666f667f58d89ea4b95bf581e55c55625cdd529cbf062e252ae940d868fa775db344", 0xfffffffffffffeb1, 0x800, 0x0, 0x0) r8 = socket$netlink(0x10, 0x3, 0x2) r9 = fork() sendmsg$netlink(r8, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r9, 0xee01, 0xee00}}}], 0x20}, 0x0) fcntl$setownex(r8, 0xf, &(0x7f0000001240)={0x1, 0xffffffffffffffff}) shutdown(r0, 0x1) r10 = accept4$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x1c, 0x91ba207da7d58bb) recvfrom$inet6(r10, &(0x7f0000000200)=""/4096, 0x1000, 0x20, &(0x7f0000001200)={0xa, 0x4e20, 0xfffffff7, @mcast1, 0xf9}, 0x1c) 00:39:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:45 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x72d78dd094c7db66, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x43, 0xd9f, 0x0) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x18a, &(0x7f0000000300)="8d31e1d55b6939000000e28c0b1dd2a357b264c8745b78376e18cd3d3dfcb946cf885a21539a0c4a081ceeb24a1d9273bc98f78631776333afd16d66c13830c1beaa1b950e000000000000ab69347b9a915308c482353c485f8bb2965cd7e1292aaa6375f12e59f92cba4a37c9686d403d3a82d09ecbe57d3c3ec2117496b2dd4837334f2de9a39640516defd1e86cdf7a3585dea46ced4a31aaeddba0fa19737336aa9a0edba44df0b8138ed7f91262b41da05a13cd0bdb0d9ababc3074e95d7298a63d1be6978b3cb28d1eafc9615c7a9fb113bd94e0825e7850f5d86a23757ac244d58d632599ea5929fe74774d989ea9d90e9ee65d489860e678532bfa9deb3078094f165f2800b2e237639a4c2ef5fb36f7763e95066727bc95a9beeb326008c56b13fd52f09b7b160f994b94db76b612886c59c05415f209f4e28505e32865e8c4b67e0bb7c1453270778ae4398ddc291693e42a0a01e9606b371d288e505b186453333af8a0aa956c941503b2369ba00aacd293196af32450b1a13b860d5cf2301d4b9de2ec15"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) wait4(0x0, 0x0, 0x0, 0x0) r2 = gettid() wait4(0x0, 0x0, 0x0, 0x0) tkill(r2, 0x34) 00:39:45 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x2) r1 = fork() sendmsg$netlink(r0, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}], 0x20}, 0x0) syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x9, 0xaaaa8de, &(0x7f0000000280)=[{&(0x7f0000000200)="040005090000000066617400040409000200027400f801", 0x17, 0x2}], 0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r0]) chdir(&(0x7f0000000000)='./file1\x00') r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x4100) ftruncate(r2, 0x800) lseek(r2, 0x1200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x8400fffffffa) r4 = open(&(0x7f0000000080)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r4, 0x0) accept$inet(r3, &(0x7f0000000100)={0x2, 0x0, @dev}, &(0x7f00000001c0)=0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) read(r5, &(0x7f0000000180)=""/6, 0x6) 00:39:45 executing program 2 (fault-call:0 fault-nth:56): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 113.324584][T10207] loop2: detected capacity change from 0 to 512 [ 113.343032][T10207] FAULT_INJECTION: forcing a failure. [ 113.343032][T10207] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 113.347178][T10219] loop1: detected capacity change from 0 to 264192 [ 113.356139][T10207] CPU: 1 PID: 10207 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 00:39:45 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x81) sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) syz_io_uring_setup(0x187, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0}, 0x10001) sendto$inet6(0xffffffffffffffff, &(0x7f0000001280)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a54cb7826db184a284c7a02ce539104970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5750700fe05f33e5f91045540836c95d6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d000000000000000000000958392ac1cfc29deb12b60a13c2b82350f9e4036aeb9499b467dfd65a3a6ae72eaf95fdc9e876c77b969ac6f2dcfecd8df1768ef598d3233caf04000000000000005a8e07f387e0e5438029d0f3bedc5fc7a43d40f06f9b8b893f65b297f87fff7db30f0b09d22ba55e32e2178fc042a11ec0be8909b247d403123c334a266048cecb1f66c97d52028da409b72b7c2a7e2380e8fc905289f78cc787f055e89b7d40fa2ae5ff7f071d2c77ee67191a814a96ac756b99e62e726871148e69a905770c76c907aedcf5f9054f2dfb568bed6327f36ec3c63e6d19b1cbb298d031f557fba3f85dabd36a2d31360bcf5c4971f6b7f0792f7fff1c922510dc41540b3334656507b270d5d53ee4459412a5f78cb2d852c6ee24b4666f667f58d89ea4b95bf581e55c55625cdd529cbf062e252ae940d868fa775db344", 0xfffffffffffffeb1, 0x800, 0x0, 0x0) r8 = socket$netlink(0x10, 0x3, 0x2) r9 = fork() sendmsg$netlink(r8, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r9, 0xee01, 0xee00}}}], 0x20}, 0x0) fcntl$setownex(r8, 0xf, &(0x7f0000001240)={0x1, 0xffffffffffffffff}) shutdown(r0, 0x1) r10 = accept4$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x1c, 0x91ba207da7d58bb) recvfrom$inet6(r10, &(0x7f0000000200)=""/4096, 0x1000, 0x20, &(0x7f0000001200)={0xa, 0x4e20, 0xfffffff7, @mcast1, 0xf9}, 0x1c) 00:39:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 113.371459][T10207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.371470][T10207] Call Trace: [ 113.371477][T10207] dump_stack_lvl+0xb7/0x103 [ 113.371498][T10207] dump_stack+0x11/0x1a [ 113.371515][T10207] should_fail+0x23c/0x250 [ 113.371538][T10207] should_fail_usercopy+0x16/0x20 [ 113.371559][T10207] strncpy_from_user+0x21/0x250 [ 113.407909][T10207] getname_flags+0xb8/0x3d0 [ 113.412506][T10207] ? should_fail+0xd6/0x250 [ 113.417119][T10207] user_path_at_empty+0x28/0x50 [ 113.422058][T10207] __se_sys_mount+0x209/0x2e0 [ 113.426829][T10207] ? mntput+0x45/0x70 [ 113.430817][T10207] __x64_sys_mount+0x63/0x70 [ 113.435418][T10207] do_syscall_64+0x3d/0x90 [ 113.439842][T10207] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 113.445878][T10207] RIP: 0033:0x467b0a [ 113.446899][T10219] FAT-fs (loop1): bogus number of FAT sectors [ 113.449777][T10207] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.449795][T10207] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 113.449814][T10207] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 113.455962][T10219] FAT-fs (loop1): Can't find a valid FAT filesystem [ 113.475442][T10207] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 113.475457][T10207] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 113.475467][T10207] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 00:39:46 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 113.475478][T10207] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 00:39:46 executing program 3: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(r0, 0x0, 0x8000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000002c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x2f, &(0x7f0000000300)="f43970da7cfeb6d42fd54103666c5762306aa60696c2a76e59b65fa78fb184da006cabbd4ef89083bfc0c54f4a36f7"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 00:39:46 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x81) sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) syz_io_uring_setup(0x187, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0}, 0x10001) sendto$inet6(0xffffffffffffffff, &(0x7f0000001280)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a54cb7826db184a284c7a02ce539104970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5750700fe05f33e5f91045540836c95d6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d000000000000000000000958392ac1cfc29deb12b60a13c2b82350f9e4036aeb9499b467dfd65a3a6ae72eaf95fdc9e876c77b969ac6f2dcfecd8df1768ef598d3233caf04000000000000005a8e07f387e0e5438029d0f3bedc5fc7a43d40f06f9b8b893f65b297f87fff7db30f0b09d22ba55e32e2178fc042a11ec0be8909b247d403123c334a266048cecb1f66c97d52028da409b72b7c2a7e2380e8fc905289f78cc787f055e89b7d40fa2ae5ff7f071d2c77ee67191a814a96ac756b99e62e726871148e69a905770c76c907aedcf5f9054f2dfb568bed6327f36ec3c63e6d19b1cbb298d031f557fba3f85dabd36a2d31360bcf5c4971f6b7f0792f7fff1c922510dc41540b3334656507b270d5d53ee4459412a5f78cb2d852c6ee24b4666f667f58d89ea4b95bf581e55c55625cdd529cbf062e252ae940d868fa775db344", 0xfffffffffffffeb1, 0x800, 0x0, 0x0) r8 = socket$netlink(0x10, 0x3, 0x2) r9 = fork() sendmsg$netlink(r8, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r9, 0xee01, 0xee00}}}], 0x20}, 0x0) fcntl$setownex(r8, 0xf, &(0x7f0000001240)={0x1, 0xffffffffffffffff}) shutdown(r0, 0x1) r10 = accept4$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x1c, 0x91ba207da7d58bb) recvfrom$inet6(r10, &(0x7f0000000200)=""/4096, 0x1000, 0x20, &(0x7f0000001200)={0xa, 0x4e20, 0xfffffff7, @mcast1, 0xf9}, 0x1c) 00:39:46 executing program 3: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0), 0x1, 0x10280) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, 0xfffffffffffffffd, 0x48008) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x54, 0x0, 0x800, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x3c}}}}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_REASON_CODE={0x6}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x20044040}, 0x4004) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102374, 0x18fe6}], 0x3, 0x0, 0x0, 0x0) tkill(r1, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) r2 = gettid() tkill(r2, 0x40) 00:39:46 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000", 0x21}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:46 executing program 2 (fault-call:0 fault-nth:57): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:46 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:46 executing program 3: r0 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.deny\x00', 0x2, 0x0) ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x80189439, &(0x7f0000000080)) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000140)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x64, r2, 0x1, 0x0, 0x25dfdbfb, {}, [@ETHTOOL_A_FEATURES_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x200000a0) sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000380)={0x34, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x5, '\x00'}]}]}]}]}, 0x34}}, 0x0) [ 114.223025][T10275] loop2: detected capacity change from 0 to 512 [ 114.238004][T10275] FAULT_INJECTION: forcing a failure. [ 114.238004][T10275] name failslab, interval 1, probability 0, space 0, times 0 [ 114.246117][T10280] loop1: detected capacity change from 0 to 264192 [ 114.250664][T10275] CPU: 1 PID: 10275 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 114.265881][T10275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 114.275930][T10275] Call Trace: [ 114.279196][T10275] dump_stack_lvl+0xb7/0x103 [ 114.283831][T10275] dump_stack+0x11/0x1a [ 114.287967][T10275] should_fail+0x23c/0x250 [ 114.292505][T10275] __should_failslab+0x81/0x90 [ 114.297250][T10275] ? alloc_fs_context+0x46/0x500 [ 114.302174][T10275] should_failslab+0x5/0x20 [ 114.306663][T10275] kmem_cache_alloc_trace+0x49/0x310 [ 114.312037][T10275] alloc_fs_context+0x46/0x500 [ 114.316788][T10275] ? strncmp+0x34/0x70 [ 114.320922][T10275] fs_context_for_mount+0x1d/0x20 [ 114.325931][T10275] path_mount+0xdf5/0x1ce0 [ 114.330520][T10275] __se_sys_mount+0x23d/0x2e0 [ 114.335194][T10275] ? mntput+0x45/0x70 [ 114.339165][T10275] __x64_sys_mount+0x63/0x70 [ 114.343741][T10275] do_syscall_64+0x3d/0x90 [ 114.348203][T10275] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 114.354112][T10275] RIP: 0033:0x467b0a [ 114.358002][T10275] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.377789][T10275] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 114.386189][T10275] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 114.394221][T10275] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 114.402179][T10275] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 114.410172][T10275] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 00:39:46 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() preadv(r1, &(0x7f0000000780)=[{&(0x7f0000000680)=""/222, 0xde}], 0x1, 0x9, 0x10000) sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) preadv(r1, &(0x7f0000000600)=[{&(0x7f0000000140)=""/252, 0xfc}, {&(0x7f0000000040)=""/125, 0x7d}, {&(0x7f0000000240)=""/80, 0x50}, {&(0x7f00000002c0)=""/69, 0x45}, {&(0x7f0000000340)=""/248, 0xf8}, {&(0x7f0000000440)=""/56, 0x38}, {&(0x7f0000000480)=""/166, 0xa6}, {&(0x7f0000000540)=""/178, 0xb2}], 0x8, 0xfffffff9, 0x2) perf_event_open(&(0x7f00000000c0)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xdc03}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup(r0) 00:39:46 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x2}, {0x14}, {0x6, 0x0, 0x0, 0x80000003}]}) r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) openat(r0, &(0x7f0000000000)='./file0\x00', 0x2000, 0x80) 00:39:47 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0xffc00004, 0x2, &(0x7f0000000100)=[{&(0x7f0000000040)="040800090000ff01e66174000404090a0200027400f8", 0x16}, {&(0x7f00000004c0)="dbed7d4cac17", 0x6, 0x1f}], 0x0, &(0x7f0000000080)={[{@fat=@codepage={'codepage', 0x3d, '865'}}]}) chdir(&(0x7f0000000140)='./file0/file0\x00') [ 114.418148][T10275] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 114.438748][T10280] FAT-fs (loop1): bogus number of FAT sectors [ 114.444923][T10280] FAT-fs (loop1): Can't find a valid FAT filesystem [ 114.453443][ T1040] loop0: p1 p2 p3 p4 [ 114.464951][ T1040] loop0: p1 start 1 is beyond EOD, truncated 00:39:47 executing program 2 (fault-call:0 fault-nth:58): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 114.470963][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 114.483986][ T25] audit: type=1326 audit(1628469587.034:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10288 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x80000000 [ 114.512459][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:39:47 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 114.525547][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 114.533143][T10299] loop2: detected capacity change from 0 to 512 [ 114.549538][T10299] FAULT_INJECTION: forcing a failure. [ 114.549538][T10299] name failslab, interval 1, probability 0, space 0, times 0 [ 114.562228][T10299] CPU: 0 PID: 10299 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 114.571053][T10299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 114.581237][T10299] Call Trace: [ 114.584511][T10299] dump_stack_lvl+0xb7/0x103 [ 114.589103][T10299] dump_stack+0x11/0x1a [ 114.593261][T10299] should_fail+0x23c/0x250 [ 114.597722][T10299] __should_failslab+0x81/0x90 [ 114.602581][T10299] ? legacy_init_fs_context+0x2d/0x70 [ 114.607962][T10299] should_failslab+0x5/0x20 [ 114.612519][T10299] kmem_cache_alloc_trace+0x49/0x310 [ 114.617816][T10299] ? kmem_cache_alloc_trace+0x20f/0x310 [ 114.623371][T10299] ? alloc_fs_context+0x46/0x500 [ 114.628457][T10299] legacy_init_fs_context+0x2d/0x70 [ 114.633719][T10299] alloc_fs_context+0x419/0x500 [ 114.638635][T10299] fs_context_for_mount+0x1d/0x20 [ 114.643670][T10299] path_mount+0xdf5/0x1ce0 [ 114.648094][T10299] __se_sys_mount+0x23d/0x2e0 [ 114.652847][T10299] ? mntput+0x45/0x70 [ 114.656903][T10299] __x64_sys_mount+0x63/0x70 [ 114.661646][T10299] do_syscall_64+0x3d/0x90 [ 114.666151][T10299] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 114.672054][T10299] RIP: 0033:0x467b0a [ 114.675956][T10299] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.695567][T10299] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 114.704015][T10299] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 114.711988][T10299] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 00:39:47 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:47 executing program 5: r0 = syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) io_uring_enter(r0, 0x51ab, 0xac13, 0x1, &(0x7f00000001c0)={[0x49]}, 0x8) r2 = dup(r0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, 0x0}, 0x10001) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r6}, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r1, &(0x7f0000000180)=@IORING_OP_ACCEPT={0xd, 0x2, 0x0, r2, &(0x7f0000000080), 0x0, 0x0, 0x800, 0x1, {0x0, r7}}, 0x1d) r8 = socket$inet_udplite(0x2, 0x2, 0x88) r9 = dup(r8) r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00000}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r10, 0xc0502100, &(0x7f0000000300)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r10, 0x40182103, &(0x7f0000001580)={r11, 0x1, r10, 0x4}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wDdno=', @ANYRESHEX=r9, @ANYBLOB=',\x00']) 00:39:47 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000780)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone3(&(0x7f00000005c0)={0x8a40000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 114.720063][T10299] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 114.728096][T10299] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 114.736143][T10299] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 114.814275][ T1040] loop0: p1 p2 p3 p4 [ 114.826814][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 114.832899][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 114.842011][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 114.851883][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 114.944916][T10343] 9pnet: Insufficient options for proto=fd 00:39:47 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000", 0x21}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:47 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:47 executing program 0: r0 = syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_setup(0x4c97, &(0x7f0000000140)={0x0, 0x8123, 0x0, 0x1, 0x37c, 0x0, r0}, &(0x7f0000ee6000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000200)) syz_io_uring_submit(r3, r2, &(0x7f0000000240)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x2, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x3) r4 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, 0x0}, 0x10001) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r5}, 0x0) ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000040)={0x0, 0x8, 0x2}) r6 = socket$netlink(0x10, 0x3, 0x2) r7 = fork() sendmsg$netlink(r6, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r7, 0xee01, 0xee00}}}], 0x20}, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1/file0\x00', 0x1, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=ANY=[]) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x4) 00:39:47 executing program 2 (fault-call:0 fault-nth:59): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800009, 0x10, 0xffffffffffffffff, 0x25573000) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000200)=ANY=[], 0x208e24b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000004) r3 = socket$netlink(0x10, 0x3, 0x2) r4 = fork() sendmsg$netlink(r3, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) write$binfmt_elf64(r3, &(0x7f0000000400)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0xbb, 0xff, 0x5, 0x6, 0x3, 0x0, 0x2, 0x2e3, 0x40, 0xb4, 0x4, 0x6, 0x38, 0x1, 0x4, 0x7fff, 0x8}, [{0x5, 0x7f, 0x10000, 0x3, 0x2, 0x8, 0x81, 0x3}], "d8af61f9402cdbfe936b9263f4e4e7125c7b68fd47ac91", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x78f) sched_setattr(0xffffffffffffffff, 0x0, 0x0) [ 115.103589][T10347] loop1: detected capacity change from 0 to 264192 [ 115.118157][T10347] FAT-fs (loop1): bogus number of FAT sectors [ 115.124275][T10347] FAT-fs (loop1): Can't find a valid FAT filesystem [ 115.134087][T10354] loop2: detected capacity change from 0 to 512 [ 115.160088][T10354] FAULT_INJECTION: forcing a failure. [ 115.160088][T10354] name failslab, interval 1, probability 0, space 0, times 0 [ 115.172745][T10354] CPU: 1 PID: 10354 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 115.181500][T10354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 115.191597][T10354] Call Trace: [ 115.194868][T10354] dump_stack_lvl+0xb7/0x103 [ 115.199477][T10354] dump_stack+0x11/0x1a [ 115.203642][T10354] should_fail+0x23c/0x250 [ 115.208072][T10354] ? vfs_parse_fs_string+0x5e/0xc0 [ 115.213178][T10354] __should_failslab+0x81/0x90 [ 115.218146][T10354] should_failslab+0x5/0x20 [ 115.222649][T10354] __kmalloc_track_caller+0x64/0x340 [ 115.227979][T10354] kmemdup_nul+0x27/0x70 [ 115.232216][T10354] vfs_parse_fs_string+0x5e/0xc0 [ 115.237149][T10354] path_mount+0xf99/0x1ce0 [ 115.241561][T10354] __se_sys_mount+0x23d/0x2e0 [ 115.246234][T10354] ? mntput+0x45/0x70 [ 115.250206][T10354] __x64_sys_mount+0x63/0x70 [ 115.254788][T10354] do_syscall_64+0x3d/0x90 [ 115.259262][T10354] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 115.265182][T10354] RIP: 0033:0x467b0a [ 115.269068][T10354] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 115.288675][T10354] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 115.297095][T10354] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 115.305059][T10354] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 115.313035][T10354] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 115.321056][T10354] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 115.329019][T10354] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 00:39:47 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lgetxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=@random={'security.', 'ext4\x00'}, &(0x7f00000001c0)=""/33, 0x21) mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x135807, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x20f0860, &(0x7f0000000200)=ANY=[@ANYBLOB='usrJquota=./file0,\x00']) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) mkdirat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x142) 00:39:47 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 115.394314][ T1040] loop0: p1 p2 p3 p4 00:39:48 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 115.430764][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 115.436860][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 115.468857][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:39:48 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r1, 0x0}, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 115.509244][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:48 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r1, 0x0}, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:48 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_config_ext={0x5, 0x8}, 0x0, 0x0, 0x9, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x18) recvfrom(0xffffffffffffffff, &(0x7f0000000540)=""/157, 0x9d, 0x40000001, &(0x7f0000000600)=@l2tp6={0xa, 0x0, 0xe17e, @loopback, 0x0, 0x1}, 0x80) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000780)={{0x0, 0x0, 0x3, 0x1, 0x1000, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x12, 0x4, 0xf1b, 0x1, 0x5}}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000019c0)={0x0, 0xfffffffffffffffb, 0xde, 0x1f, @scatter={0x0, 0x0, &(0x7f0000000340)}, &(0x7f0000001880)="7cadda365895a0622a1cdc251e3f61c15d67f06ab6415ee8348b02bca207c320ffec475c470b73be02d0aaf059d5d234cf0f63c215ddce6f037b1c492ecbeb90aca0dc315862feb85bba7217d5a7597b4c471cb70b4aca94cb941e68128daec96a8558fea9188af8fb38f7ee27b82bc971381f76f9621295170c2da22e1857f7d9f3f5c54fe8ea0b4e77177b3b18c6f5a17ad41a833d0be5f2774f85f1715040e11d70876f3b11b9044aa8f0fe2c39f2235d48124cede7d58e09dd2054537650c6f59634fa513ba123c128f3220e85fafef80cc8497b8cae45fa54756d91", &(0x7f0000002c40)=""/4096, 0xb5c, 0x10012, 0x0, &(0x7f0000001980)}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000440)={0x0, 0x0, "4f78d28e221a2bd0f30b2d26f0b118b9184a5ff0ea567f7bfb8edbdb92539c8f2081dd74acfcbf8c2b6045bc4c7eef07761191f0914f3bb109706c4e41be05f88060d2cc8f454a571db35596359fa45ad9c69465cd642407c93971e654d120c8d36658d1580e1740e45b2eb38233ae757279e358e6921e528189978c2eb9c97b9f18ee7d0e7545c9ec858d3f059a144eda6a4d4fe516c11699eaf20566c00d53773673270c14a1d488b29f5cb056590cae67e39a500f1569aef8ca682ab59efc9aebdd8901d3413883da228c4d56e3397241eb7ae2e8f5ef2184337309951e0ab693faf224eddde48ab408b21d5c7d5bdb3fb0bc6f985b089e40db066a09b8ea", "d9c643dfb0e77befd29002f9d1d876fc5e35ca6762c80c305cbc3b49a4b7bdb68950c37ca0f6e2513863cd7e92ed1334b0b04fce1679f41f10d93d14ad2171e39ec372f89b41070fd163095e6757296ec12626423d639cee95bbcc57a80123f73722590e286c0f9345d2710e39df228078683f0e609a415cccbb944a4138ca03a81c552b9c70ed7dc52f45fc57b87899bdff3ca90278f1e97fab974e7b58dc9fde3d0b4838774b47310fbb9581b115523061bada18caaeb337591a093ee0a2bba2a67422c5f7bdb5267c6aaea57b55af51be53b7d720cb43f7da45a3df9374fb68b7849626b78963d08adc252128caacf32b4f685ab24884497801de2c0d3d2d36910f3d10462538d276bfa3db544368e6d660d1f5f9946cc526d2cc135cb86d04f3715ce2e5154a7ab7bf169a7bfd2775bcd5dd7c2f15750879991d93527d75dcf7f50fb827a55f079ddf0ba5ba67ed091f31ad04de165882c229f8aedf29b790dc51f6364890c3df47d3866ff36114e28da2d40ab648eb26996e012ebbbd962c7427cb3ac0dffea94bab9bc053caba95f85807350cdc3cbe83353d7db78b4429024a94c7b6ce871f1e50f22841ec416c4261121271e8329c03308369e70ae6aa3f79fbbf73f861366a078f7cb8c3fba235c4c6a34f8f4ae3e046e64dbe69d3bec6041da35cae0b4891ef947e4ae0c3e07f799a3010aa8ec99098309c589cf1b908cd23f00c52a4359fd20d8c93f1d77e46a679eb08108e628714bb3ec631cc69ba189855d01c21b91b090b3f54483250ede9607e671989530fd6cacd2e76f04b639ab9673038c79365f7f4f8d2023ae47553feaef902acca1056c91fb72c41b44cfee19480cde8e885bcfbd125dc88ed5b43b3bf4279ed7f1a90783d2ca9eb64a60a42cbec08804ef41701ee41f06d467b433e442fe0f0d7e76058bd3136687e08f0f3493c1caea0c8e29c94a7264c6a4f4587f763a56343ec75f8f44b392464c6518a7e22052e040e116a638b67824fea4ed99600d0c51ccab449c746bb6b17f861613791cc557a29dd9d9ec65827d3fb6f069594462db7e0e06aec5ae9bf01ebc8b1127c58db9e842519e2b2abcd5374e2e5ed9ec089fd4fa911ed2f4f937df2686b71a9be370acd35ba379476828bbd71efb9201313fbffbfe99fb34fb1ead5830f1807cae9132f35f8f397db691b9accf46bafb5814094432402350039cbf4b26444d431d52289b4321e63201317141ef4da29ec930ebb52d0578992e17b5eb72699d58cf4a53f312bf33b541fa73a838671e06210fae811ab536cb6cc643c8bfc65ea8ee78eb7f20512251f3f88afb5f5d25f949f71c9c0917cbe5fb728bc467bd0882684aa1672e5ec555f1bb2069a5b40c60d2cc7720f3f26202194f776b6889a76fe7911c766759c910051646fff966e14ce8bd9b0665b55290a81291d8f37bd641c654b07d208acd99c550163feda22faaef4decf088f00ec99560ccd70a259e600f7f305de26c9b12af1c942b90cba00f3a11851b38379a06734498fda144c672c5ca4ea943d33807730306370b41fc2969479ab60d1508f899571e8bdbc01bd54eb2113a2d0b8f30d7e80716d9d6c5562945c3745f2f84f3089cd30ad73c4f64aa6af18c691259fbce3ce64be358db25edf047b0afe59692b9f8241f4ebb7a9a8f576f1dd0a7d56a79b42b83a39f5689758f8e48112bd3f66d48c869049769f487d242dc592b659464c126c7005bd4a75a69f3a8eb0129541c4c2bc49664748475b20df73fe81168d680f3bb5fab77a66d660712024a6d3fa7e59546348d28ac26e53bb4dfb027b7675d16ea5879a62c75f51c100c754e5fe011b53ed7cfc2728b203f0396c1a686fe8405ba706a329ab1dc2a84ea56d851d42ea2ba3f19d87556ecaf5ee5249d1c83b2fb99570a99294e33d855580981c3f791cf8148230789d35199fc54283fc5ddd0954ceaa5bc247513acb2590ff07878b71e9dddf462a8c6d6291f27c876fd2bb463f1f6694d80946a66e0166457551a7b85173d63d589b720f3973fd9635d3463a4f36609b6c2be98ab916df407e8f7290f41c7e0d273dbae1ad169f76dd537ee8ab7b6b736233573877fe1c1c493ac1aaca9209da4a3e1be5d06582eb66b5e8fe4542ba46a9594144328ac76b38e3f2a49b371ae54662f48d53763349c612822e0f4a35a867293438144dcab962329f3217ea760fc1e67176c3a7ec1db301b008b6ae2e430a53f025122f608c3cfc675ef6e3417ca1a2bce4281deb376dd781b2e9c111056b132f1e3151437c5353f158bff052d5c6f8e0eb108e015a347241dc1ad3377cde6d7b04222ec52e1d526aab7af627905cb93b5719f2ee412af951cd2af598df3acca4be15156b1deea31b4a21546ccdc134ae313aac35e6bca5810a28069398d3ec141e6f0ac48d20ca442ff80c371eef574dfc2d8aced34dfc10e3fe9289d370bc9af127a00fefa66621ae951f3f62bd09e26fff0823bcd92c092569001fbc392a4296efcfbfec1706382af230fa64ee9fcf33213c081d12d425abded52d837c9e5bd90e653473b09a9f09be58c0d5f0e44e61fda7032300ae450ba21ca7c0856785ac0574b9825e77c36d511cf6778a6674cf9910b1761aa40ba213f19bbce378032e054dc4be31ec31d61532949bc8da67eb6b2d53bff2c92460fe468ab59c254aa2ecd7e2e758368e94ca97d05fa591706b3e8e482d9e0593c5528099503c797be3a5bf5f745f6ce47c711b931f35a9979aad675e3ce52ad3d4e092fdff62a5713486bb44512535c27a1fab360b350905b4e4b28ec1eafdd499fda367f96540921921bd89d65ad96df9c0ddd9b460dd1e2be4a3277ec161ad60cefcb4186c04b05071654d980d80e55b993f3d7758ac397b0aed65f5bf5e40876052cc6690d8298949017c86ad84641ac85de255c1378008f0aedb11c62e834b842acc2308471cc5601ac34d5ec159109dacf7f2fea04c5512875f1f37467509b00b63a0d0ccaaa65a607be95a0d48a7da2ed7e11fd70656a439968ad1b41a40204bdbfbc5fc127c3835e7b6f291fb3b4a74554b9b0e9c0d49d8f495e9093e4442f8dadab395b7829b9e1b842905648aa894fd3bf3f95ea40091f6cd4ce01ecd3d8321ff3264c7c9ebf1e3b28fd78292c43367c3f7439081c2881579c36612dc4d56281579b10d28e2a9e0ac1354a84e902534c3b2a098ab0b10ffb3d0aba798ef58bc1480059c34414fc01622ddacceb43aca754c1a35eafda64b0a3e8f8b0e612cd811646dcba986ce7a86bf048d39939770bbbeddd5561318d4ca83bd6862ad513153115b29a8a8ff9d8278e7dc196ac48c8a2deab71ccd83d69c7967e7c310bd69311c41363c25d273772570706839aa70523fa0ffcce3637d8ebe80b8277c07b254807bb114bbd9ac462570bdd999e021ccdf135e10233c59e765379c9e58f234dbb321bba181025b520dac778f6138706441276550934d15362835a8777c4451e0b4f72763f1c44f28b97db63400d21fead99a4f33f63fb0d67bb43881d94fe803e941e57c59a4706eaf52fadc731eb5cda7e91d4cb62bd77fb1a719fbcf2a76703d2e843d6a6a855e20b42818b48278f2bd179f499b9f8ca640f6b28c61b2392c1abe4ebca641f871400009aab998380e1a6a21af5b158f6583949d8bdcfb90d6fc51f6f6149dee2ea3f1b7283f8705913130870d4bd07e5ee32547aa151edcf88edd3b29811b1be41d5fc280024e34c1dd56bd41298ac733d566f7d0bb0611002a682a49cd60ea2b12229b80845f5d738b0183a1c397ea7275a8bb410365042a13fcd8be2ae789b8a9bf483a4b50e4337b0077cd28e122939883b5279bc4d94130ebcebfb10f376f4371dc82a6532670b8ba4dcc9c884f20dcd4bdd680dbcde4e6ec168869ddf5a26877f082f52e9b8312854f2f554d3a5978ee963dd54df969635e6cb9ead2b001841532c28fcc666a6a9bd384ce6137d13f3e81669bd681ab5785e08a3a7f511b7dc38876bfc8763170ab401145bcbbbcd752dd5701e1adb1c0289204583cc1a3b92ce22db010bf437794fc02071351beda4a89a681fc9b8696cd64c85c0ce6a13c8ff4fce5df942913c3c839cfcc255a73a86d24acdb5f982ea9004410a3108737639f8b672cc1d0deffbf3d61a12a6de87a8548d2b6b26eceb4a92ca16019635951c1260690ef3115cb18a6420084021f908258f7b4810175b23c9c9f9c59470309ebefd20b1618e130b8b1222f9df5effc99588a58a8a6eb69cf09a549cf74919aae56b7a1a7adf745fc39c4c2c55bda051648752a0a4ea5cd27d132b19f4705ef7df77645b23a90c8afff07ff08d9362c8dae07e1ad1a6192fec5491e89f14ef5738238bac05b45a7b8d7caeb56cdcfb54461c6a7cc5f72562799b5b52a6b0ed22f5075b7af549add74492f30bb734bd328b1582780fc72fbd2676c8d72717202633e28faee589d35170067e8b22697ee1c55ae1e0caee861806e7ac83d655a7c5226bce5e97a0250585c5a9f09941bd4ee7b86f802bd21d5f6d3db50d0ce5e9fa3c4cfd747e39e55c1f5fc1fbffd89a1fcd745e2887d0e51f499c15de4a162e21084a62c755f5732f3652767cf2eadfbd9a7f5e40c40810b7985110c5ab0188a7d1db7e7cb33a86f0b92a090bb441d4cdcb1bbbbccbba9d00326214d7a6e1a223f61995a5e854e1c9b4fb3544437cbbb1719bc4f87e3265f88600f3e6f4b4a13af33022d5165d4ae5e9b4d993e66c50ccbf35e069fa6475c2f21b5bf8dbe45bf383a90612bdee5c2857de6f00ea359a50f059e6e2012b206975e1bdf3140887d96b87ebe91eb97457fa1c8a45fb1b0f469ff14aaa645dd7ec0517fb80430e91f65db1e244f7c592872c52a368415b837d353086996a9a29554b1981b43c2c1fe029f8b453c7a511ed7fee72c0fab18e84525c06a5ddeb1031d1e02e2c0fb8d7d9de1b7d90c9b41d68ac466e6b85749cf06bd5f06c5a4085776030937ef06914d8641d3b7b4ea3f4049db263c7a422a9dd34fd4695599e8529cacf3baf31596de73e242abede187c2764527a5509afe9c7b37151b5bd3388bb83aec0c9b4841b6abea25d2676813de10ab8fac345f48e36b398caad43dcfa3b704e41d0dcf007362839505b397ec4495f3e47a1a68c35b08ad649ab0d0ac0d93b72e86371493d79d854b51a8b0db61069e5e23b8676d152c9e992bd8f27d960ac9bf5295ada72377a1bad405ebed96568a3cd686d4e62d812b83ea84c2d281c2287b55a193e7e888490bb7be318717de83e1548f8f96eab05ac60c42ae752486448b5a9d82ad7c266e20afc3fb14c8038406b50957eaa9d34c00c387f4fdc245058da44c12d49cf6c2a24980c8f460b3d1a312cc0adb80c8"}) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/ldiscs\x00', 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x8, 0x2, 0x0) gettid() clone(0x40808000, 0x0, 0x0, 0x0, 0x0) r2 = gettid() tkill(r2, 0x1e) 00:39:48 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r1, 0x0}, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 115.708967][ T1040] loop0: p1 p2 p3 p4 [ 115.722383][T10385] EXT4-fs (sda1): Unrecognized mount option "usrJquota=./file0" or missing value [ 115.732896][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 115.739001][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 115.748524][T10385] EXT4-fs (sda1): Unrecognized mount option "usrJquota=./file0" or missing value [ 115.759566][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 115.778668][ C0] sd 0:0:1:0: [sg0] tag#146 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 115.788980][ C0] sd 0:0:1:0: [sg0] tag#146 CDB: opcode=0xe5 (vendor) [ 115.795785][ C0] sd 0:0:1:0: [sg0] tag#146 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 115.800106][ T1040] loop0: p4 size 32768 extends beyond EOD, [ 115.805260][ C0] sd 0:0:1:0: [sg0] tag#146 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 115.805265][ T1040] truncated [ 115.805282][ C0] sd 0:0:1:0: [sg0] tag#146 CDB[20]: ba 00:39:48 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000", 0x21}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:48 executing program 2 (fault-call:0 fault-nth:60): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:48 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 115.992878][T10421] loop1: detected capacity change from 0 to 264192 [ 116.013389][T10421] FAT-fs (loop1): bogus number of FAT sectors [ 116.019502][T10421] FAT-fs (loop1): Can't find a valid FAT filesystem [ 116.168210][T10429] loop2: detected capacity change from 0 to 512 [ 116.202986][T10429] FAULT_INJECTION: forcing a failure. [ 116.202986][T10429] name failslab, interval 1, probability 0, space 0, times 0 [ 116.215702][T10429] CPU: 0 PID: 10429 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 116.224522][T10429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 116.234569][T10429] Call Trace: [ 116.237845][T10429] dump_stack_lvl+0xb7/0x103 [ 116.242442][T10429] dump_stack+0x11/0x1a [ 116.246605][T10429] should_fail+0x23c/0x250 [ 116.251097][T10429] ? ext4_mount+0x40/0x40 [ 116.255424][T10429] ? getname_kernel+0x37/0x1d0 [ 116.260260][T10429] __should_failslab+0x81/0x90 00:39:48 executing program 3: r0 = socket(0x1000000010, 0x80003, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) r2 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x0, 0x230000) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[r1, r1, r1, r1, r0]}, 0x5) ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000080)={'syz_tun\x00', 0xfffc}) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000040), 0x4) sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="cc050000130001fffffffffffff000000200000a01000000120a010300000000f2e004007ffffff20900010073797a31000000001c030000160a0102000053cd00009c00600000060c000380080001406f00000001ed43557c0c00054000000000000004059800038068000380140001007465616d5f736c6176655f3000000100140001006970360400746930ee0014e38b16fdc4320109006170365f767469300000000000000000140001"], 0x5cc}}, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000005, 0x2010, r1, 0xf1ae3000) r3 = socket$netlink(0x10, 0x3, 0x2) r4 = fork() sendmsg$netlink(r3, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) dup(r3) 00:39:48 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r5, 0x4018f50b, &(0x7f0000000000)={0x0, 0x5, 0xfff}) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x10) sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000140000000c00018008000100", @ANYRES32=0x0, @ANYBLOB='\x00'/11], 0x20}}, 0x0) sendfile(r3, r2, 0x0, 0x7ffff000) 00:39:48 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:48 executing program 5: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="100028bd70003a8d00003e0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000009a78b8bf9c051c90a31838dd14c23eae798cf24ac121478022c81873205210786d6b2382baeaf89f4140a6103ca91428837b386e1cc6dc5ff288477085833637bb97520720a73fe5cd3c5830def520cc5805b96a3f8b7f8dce9c7ef80b9d1ebf2118f95a74856ccafa19c2db026ec44d31b38f0469536987a723edcadde238302dfc5580222c"], 0x58}, 0x1, 0x0, 0x0, 0x20018011}, 0x4000000) r0 = socket$netlink(0x10, 0x3, 0x2) sendmsg$netlink(r0, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, 0xee00}}}], 0x20}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x18, r2, 0x1, 0x0, 0x0, {0xa}, [@ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x18}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r4, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x74, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x40}, 0x80) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r7, 0x0) preadv(r7, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmmsg$unix(r6, &(0x7f0000002400)=[{{&(0x7f0000000080)=@abs={0x1}, 0x6e, 0x0}}], 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r8) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x1101086, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@fscache}, {@uname={'uname', 0x3d, 'wg2\x00'}}, {@dfltuid={'dfltuid', 0x3d, r8}}, {@mmap}, {@msize={'msize', 0x3d, 0x4}}, {@dfltgid={'dfltgid', 0x3d, 0xee00}}], [{@appraise}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}]}}) [ 116.265024][T10429] should_failslab+0x5/0x20 [ 116.269530][T10429] kmem_cache_alloc+0x46/0x2e0 [ 116.274388][T10429] ? avc_has_perm_noaudit+0x19a/0x240 [ 116.279766][T10429] ? ext4_mount+0x40/0x40 [ 116.284108][T10429] getname_kernel+0x37/0x1d0 [ 116.288710][T10429] ? ext4_mount+0x40/0x40 [ 116.293075][T10429] kern_path+0x19/0x40 [ 116.297166][T10429] blkdev_get_by_path+0x54/0x1b0 [ 116.302173][T10429] mount_bdev+0x47/0x290 [ 116.306427][T10429] ? ext4_errno_to_code+0x110/0x110 [ 116.311659][T10429] ext4_mount+0x2d/0x40 [ 116.315911][T10429] legacy_get_tree+0x70/0xc0 [ 116.320510][T10429] vfs_get_tree+0x4a/0x1a0 [ 116.324989][T10429] path_mount+0x11d4/0x1ce0 [ 116.329495][T10429] __se_sys_mount+0x23d/0x2e0 [ 116.334298][T10429] ? mntput+0x45/0x70 [ 116.338279][T10429] __x64_sys_mount+0x63/0x70 [ 116.342922][T10429] do_syscall_64+0x3d/0x90 [ 116.347347][T10429] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 116.353397][T10429] RIP: 0033:0x467b0a [ 116.357288][T10429] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.376910][T10429] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 116.385398][T10429] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 116.393370][T10429] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 00:39:49 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000100)={r0, 0x6, 0x0, 0x2}) write$binfmt_misc(r1, &(0x7f0000000340)={'syz0', "1eda5c12873344ff551cc431f37313e3a430e43bcdb8a6fd2efc7c814786482a88a0c766eb0883978cde509be7ed80b65ec804f37eb630d6a6177b5271882a19ba7a167819e83cd354a62f921aa862420b22f5404502617d28a6027c381ad036d7418c6beec0363879fa7291f5e8592269edbf4c4857f48317c130bb8218c7b874d86ff7c5989ec3f348b39f6e045a74e18021da2918edbabe3637cffd39"}, 0xa2) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) shutdown(0xffffffffffffffff, 0x0) setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[@ANYBLOB="b42992e25f907549698fbea1bc97064191492690f8b917fc2b42e6c8ae41680e0431564ea8136368dc3f1e0a8b932fae294c78d22a6f1f0a7673ae46e84d63dd523aee060fd7daec0b7c8d29b582a0e77a6a43f635533e5d4ec4d55aeba7e36e1297ec568584b6972882bf7e59a3c55f4c9c9d8ac827f3a1d442a4160728eac8131ea175e5cf6152e240cba3c9c3875f3ab87881d102f733c10dec6233d7d0864ccb79ab5dac4bb061c50747088e7a4f5a10a7a5542055e583c086ab41806536e3bbdb59f63e41973fdc847d1534042226c9f8e66cce5e4fa53a298eb278d9cca01679a14ebad18cc73237af0cee67df812c67a286ce17d6b1522e4fadfa67fe7313e1db2b5b77977fa6129354a5cfe940b5d19fffbb2008fd56084ec6d90a4bf013eaf61a430bca1898240e2784b01042041fb883c8e4f309879f2c374317d8702a47ddd28de421f52c3b3a59d955bd1b28a3ff5adeaefc5adb86ff6451b7e69b7150e45e3cbe3d1b09e780d7d16f3c852d09b14fb001bb"], 0x28) close(r2) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "c056e99e0161ef6844f9911a79cbd11cd08bfe84"}, 0x15, 0x1) 00:39:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0}, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 116.401348][T10429] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 00:39:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 116.401366][T10429] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 116.401379][T10429] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 00:39:49 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9}, 0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000180)=[0xffffffffffffffff], 0x1) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00']) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000200), 0x6e, &(0x7f0000001640)=[{&(0x7f0000000380)=""/166, 0xa6}, {&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/95, 0x5f}, {&(0x7f0000000580)=""/147, 0x93}, {&(0x7f0000000040)=""/46, 0x2e}, {&(0x7f0000000640)=""/4096, 0x1000}], 0x6, &(0x7f00000016c0)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}, 0x21) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x0) 00:39:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 116.433039][T10447] netlink: 1452 bytes leftover after parsing attributes in process `syz-executor.3'. [ 116.433060][T10447] device Y­4`Ò˜ left promiscuous mode [ 116.438170][T10448] netlink: 1452 bytes leftover after parsing attributes in process `syz-executor.3'. [ 116.675133][ T1040] loop0: p1 p2 p3 p4 [ 116.679208][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 116.685212][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 116.693019][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 116.708445][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:49 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f800002000400000000000000000", 0x23}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:49 executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x20, r0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x20}, 0x1, 0x0, 0x0, 0x2000c000}, 0x8044) set_mempolicy(0x3, &(0x7f0000000140)=0x1f, 0x800) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='cpuset\x00', 0x10000, 0x0) 00:39:49 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001240)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000001100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x28011, r0, 0x0) fsync(r0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x2) r4 = fork() sendmsg$netlink(r3, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x2) r6 = fork() sendmsg$netlink(r5, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r6, 0xee01, 0xee00}}}], 0x20}, 0x0) clock_gettime(0x0, &(0x7f0000000540)={0x0, 0x0}) recvmmsg(r5, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000380)=""/70, 0x46}], 0x1, &(0x7f0000000440)=""/192, 0xc0}, 0x9}], 0x1, 0x40, &(0x7f0000000580)={r7, r8+10000000}) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000640)={0x7fffffff, 0x5, 0x7, 0x1, 0xa, [{0x8, 0x6c12cbf0, 0x90, '\x00', 0x402}, {0x9, 0x1ff, 0x3, '\x00', 0x188}, {0x3ff, 0x8, 0x8, '\x00', 0x10a}, {0x100000000, 0x3, 0x77c, '\x00', 0x800}, {0x81, 0x8, 0x0, '\x00', 0x888}, {0x5, 0x7, 0x2, '\x00', 0x1909}, {0x4b1, 0xffffffff, 0x9, '\x00', 0x1002}, {0x1, 0x9, 0x1000000000, '\x00', 0x100}, {0x2b, 0xc00000000000, 0xfffffffffffffffb, '\x00', 0x801}, {0x0, 0x7fffffff, 0x3ff, '\x00', 0x284}]}) pselect6(0x40, &(0x7f00000008c0)={0x3ff, 0xff, 0xfff, 0xbb2f, 0x80000001, 0x9d42, 0x6, 0x1}, &(0x7f0000000900)={0x2, 0x7, 0x7e, 0x279f, 0x4, 0x2, 0xac, 0x7f}, &(0x7f0000000940)={0x7fffffff, 0x4, 0x0, 0x3ff, 0x9, 0x6, 0x97, 0x1}, &(0x7f0000000980)={0x77359400}, &(0x7f0000000a00)={&(0x7f00000009c0)={[0x7]}, 0x8}) sendmsg$inet(r1, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000180)="3a656033a74ef9f344e725f8e76c31f8cf66a127fefd6563eadd22f417740b7f5ee376cea6508dae7e80628702ce057bfc4d4218bb7ec48a4b99c1", 0x3b}, {&(0x7f00000001c0)="4fdf135c223f3ecae9e24d97de7de8adec61ee08549277f6acbf823c7805e404a69bcc822311249a4a08786e3e9d720332d8149425b07dbeacaa00f4750ed1d4850d418f58f9774ee35dda9a9b78dc94c4f49abbee3567308b67257dbc7226cdead1dbe6d6daa44f254651007452f8eeb19c1c8facbacc086a808d2e4a3c69c40131babc31b3a3cdcbba6b603e61b7625b4563793d5885e5435b5d01cedbe0de10df1d469fd23763", 0xa8}], 0x2, &(0x7f00000002c0)=[@ip_retopts={{0x58, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x44, 0xb4, 0x3, 0x6, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x200}, {@broadcast, 0x3ff}, {@rand_addr=0x64010101, 0x8}, {@dev={0xac, 0x14, 0x14, 0x42}, 0xffff0001}, {@empty, 0xad0}, {@broadcast, 0x400000}, {@empty, 0x7ff0000}, {@empty, 0x8988}]}, @generic={0x82, 0x2}, @end]}}}], 0x58}, 0x4000080) getpeername$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000100)=0x14) syz_io_uring_setup(0x0, &(0x7f0000000040), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ee7000/0x4000)=nil, &(0x7f00000014c0), &(0x7f0000000000)) 00:39:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:49 executing program 5: timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000200)) clock_gettime(0x0, &(0x7f00000001c0)={0x0}) clock_gettime(0x3, &(0x7f0000000180)) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {r0}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) clock_nanosleep(0x2, 0x0, &(0x7f0000000100), &(0x7f0000000140)) timer_settime(r1, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 00:39:49 executing program 2 (fault-call:0 fault-nth:61): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 116.870365][T10501] loop1: detected capacity change from 0 to 264192 [ 116.880774][T10504] loop2: detected capacity change from 0 to 512 00:39:49 executing program 3: r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat$cgroup(r0, &(0x7f0000000140)='syz0\x00', 0x1ff) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x4010, r1, 0xc9654000) r2 = syz_mount_image$nfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x3, 0x6, &(0x7f0000000440)=[{&(0x7f0000000240)="402a87e5ad7f71c2a584a105e0cea847af7ded29736fd034a485", 0x1a, 0x3f80000000000}, {&(0x7f0000000280)="ce4fd4e0f294291e9285134510d94f78bffa28b1e8bebde2807c31", 0x1b, 0x7}, {&(0x7f00000002c0)="84fbdd6fe95e7eba2b11c6710f0f2b0ce5b97249d24ac6539f658be56b464cf34bb25fbaa022a5617d2e055366b43bdf0b41f3d1a402987c307a3912c5db662dc9b985275fa33a95d1812db4b8eb2a16ca4d770480c66a43f9eebebf1d5d237f688b8ffb6f4b144e249fa2697a6cd16f461016a61a27454c562bf9f17fe2df8de9de6d6e029c3d3e6e36e588169b13", 0x8f, 0x7}, {&(0x7f0000000380)="522264a4cb36020e00fc5e2edff697f08ee55ba49f0e", 0x16, 0x2}, {&(0x7f0000000640)="65bf9f8c7154442cd9ad9a026a77cb19aa1923dd412c1d247f8eb2baadc499691df5f0c23d50ff08c106dcab3cb1b8635b6bba381cf2d98c235ba0ea723190c86b79d88480b8b5904959dbfce1cfd2d2ad8d4f2304ccb60fd7610c46c23f60e18c9e8f44fadf0232c684978c14776c4f84d7d05cb2b1207dc2391e92860d921683a6ed367b67df72fa1d01556e188ff78fc452acc1d0f3dedcec29eedf7aab9c905297250c8eec05f59195d75f0bca75ec8fde92663e95e6c23b59984207766e299bc771ebd9be0d411dbe4a8bf3655cf14e64f2aadbdace94defd56ba0028dd95a90855ceb1e8bad1d463af9b3cfaf68eedb30633d2c0627d47d8dbd002a651b14ae7e6539f6afda2d6824667cfa6116a54d64af6c58430eb3ec7dea8f16d3ec384f239e18feaaf883a9f4098177cf6327c399692104baacabf65b5365b8a64d024ffac999042e3907fc422d6bd7c1c6d045a839e12936747ae8c38624511f90fa54d413e44f63df584e07e0868c401e76c6c388ba95df05c3af367c0b9fdb8b9edf2c32c7e5c2db5de076e6766ff273fa139734ac077b8c173dcfc7e1f014db47245cedd4525e18335f2b872da581b85efd052511e545d1405bda1bd187d144837563131ccca7a5109874ce3f566310f4b4129ee1adf1273f6589e56cce73601f3e6e1232415ec936f452b1f7485503d39e49d264fde9c73bcff7a79e9b4ff765558f6ff22917f7fdb6b58435b91a1c1fd5e350bf341d3770fa8f18c77e54d2c929922a022be76b0cd1d55c8865edc415fc130a7177472c6244e5582c002914f49cf5bfb37dc82acd8bf6214643a81fcc1b3e4073d2f5169820a37494ba0e2dc0c91ccd8e23f6d14e2b1f7b02d5fbc1232838e6e5b6976cba73f8d43a1d2e1f6d82fa9898ab21ff638e53019781c582473260fb5050b808956c97a9ff72f6aa01825ba2cff51c1129d6fbecb50f1aedb0495499a9454fd42907bb5f8d3bce4b91534ca3153511be2ac91d118296701ec199309e352498db4709b0e59760bead8fc82bc91ce8dda30744bc7b6e6c376fb539fa7b11602f1d8bc5e24a5cb1016a2d45ef02b1255d42e08945e85445fa08f55e7be35950853bad874ad5fbac9bb3d896f4a0fca0083f0365a34e5f2d4d69b908444fd7bf05354ad23d855f163f38549b590e18fd2464729d3e9927cb7917e034f032dbb995ac985b38f65bab6eccbe3a70684723bd228ebc97106f05d0a36b25788915c132aacdcc159e91e6c2240046b641d580bf2b06be8d8a4bf97045e2f6ec2bad4357cde5cee1b8ba4dded7d231fbf9ff8e89b004d79a0381c149c6ffa9cc4ccc06799709fd6d104dc4a01542845d38e91d14981220f841ebdd4a451254ebf748f43ad55d513528a15e120efdfddc0883f7fff6bbcde0275589d4b8c1170cd7d08874e4d0c70cae6b73378e840217decd7f78627cb75d1fffde796067226af0f80706ad9ebaa51760259a8d7e586198bff105a5d422557a3c6ebd9067fb25d64eedc747949d4b001cc29d5ca8271a868126783c299d9434ddb41a02d69e6dcdfc02c450347a34dd3467c2de6d7fa4f25bf3a183534ddf7eaf65c78e92a18b3fac545b3e1d0dd56e9ec3d899dd0d4f8aa50d3c4f8ca3189e047faad820235127c92cbd216ffc16a98a750e64e2e8a69f99656e1559dbf0280c625d9ae300827fdce49511e0a84c2ebd8fef0a900c774a60b2d7c7b219786ff63985c33d7b7b32ff8079df1c1b05225f09fca7c80cfd74a26ae3ae63b062ccaa76e059315ee92c593c0095635367efaa4c33d64b2cb9ccccfca9aecbdcb3b1bd8660f7c7e8abc1141d43917a2806da4bce2a0ac3a3d5803609b52166bbdc37bde0445c16bef696bd58cc4cbf8507fcdaeb1c3d5893b442cf1c80ce9c5108a96c44324296a2a23be6b04404021bd7f0e5df2e4758b5a12ef35945b4e97a5299232e70b82ce962fe42e13f5f1a9e23db1b4b19a015975277dfb4936e93b05c349bec3d91a2214d1739aa327721ca3877a443b80f6379217a24ed813fbeae953e74f38cfe99d31b82593f02067092d24bd37b2f1bd55378c9a38a0713de87c8bb349e335a3018959d1ba36d9583c7b80a46b86d9619f3bd40c3beab809d9995512bdf4fdfaeb4289ab7fa38d97d45791d0a894ec29b3d58d8bae2fc056cfd56e9a0f4132380076975c34683a3ac28ed01865daba38c151194ee38b565c26269e2b786033c6fafab1e8470df1282abd48d85dfff4259f2b77a9ebd5f880aafbc5d86bfa3dd44656b94cb44016195a8ff742ca3c2c654ae717fab6f12b0cb5f2bd7df6f4f8569c3b6a92609f6e47f8e91c2cebdabff109e7212ff5897037160185039d8db819b4b6d9165a6fc280bdec069072938e5c8cca7de4db1e66c04b5ff062bce568eadd1472d7cf94dc5a9f38bc9a637d1fa6e3ec577860ab26544400181a19af9c1bd5093152e0ec82421b3f6578f0d2800677f933a9a47e2ea38ac55bc89f1808db96b2b766d80d01b8ca4332fc62a4422c85553c1f0261f92b57d6d857f682421d32dbd25cd4004ecbdb92c14699ffeb3300751da38ab0e35bd1488e33b1c20d91f075811156807c170c794c8eca43dcb496d245d89782f32c2e5788ef476393091332f10a69f52b2db628f66a9ba95ef0a0e22388164e2cd3e596aad0a8dab9aaf007f859cff008cd8c2397795f96a03294f53fca2db2b5da04bb64fb30319c2ae07353f6bcb955698895cf34b560634155f8e3cbde675988914882cbd397bcf886af89e8e81b5e877eca6e4e54a05bf445ef03a76c2be27400c9caef816e00ed3c13d1868b559dd03781b1cdccb4b1f591fd872c9c16d5bd47de88233ccaeda21a496dce4cccf04b461140a003200f406dae55063feb08eba11d2a8235328ee05e3e7acf1022c802587b931009e73f9855bf750bfd453d364767450a29cea3ecbc5947d8d963091fd752edf9b98b23adcdc481bcfc0f8a55b1618b0a83c83ec8f71f7ec47c2419c784bf273183348c46dfa1bd9f392a4cfb0325c305accee15f67373f57f05189ef62b5ae10aa62137afc0956dbe4264c2ff42b4e0fd9935d9a2c46dd86d81edbdf984c94c1fa24563c56571c3fccb539ff654d6e3a2ff335a9980e45970cf580b318888a4d0800fc07df9eaa3fda1327137a3c4764424df7f72faf816346db72db5d1df5b6c9406009d55e43c710fc8db4d2bd854e5b84cd66ac6a13e19c5f9793a94d6efbb7ca26796d982e48ecb38d3bab3774fc866b0aed54df85249b1b46a8235db78dff54d872cdb6b6da7b37770d027196adc0a60314a1871255f77f875976ade036ddaad41ae6f002ec56080793e5331a8d12c266ba5f852b59c9fdc75499e35eedaec6f4c31d333f8026754f709e5c171eb3c551bf22b1fe919f87f5278dc46c5c059701e1d484dac908d4ac5b38f0e960d2b8f403ef7d1bac5c613e59a841ba1853b647f36d711f7408cb4b0937203bdc248d2e6a6e47628634f7e2f0285bb809e38de3d58cbb965ce639c86649c3593328c1abed0fd8f77a2fe2e1b43711b5a7fbe27f8bec6e7aaf16fcb57696c21825e7666b407c2855ff806565154aa1f13aafbec5225e8f36f248f5e728dc2c18429274c3ad29f68016644b3a0c061985c89de1604fdc5887f24f7d8f4671ee4c39fcff4215859f3c422f1807af8eb43e6261719b941228b4ae6ccd3cce37ffd01c01ca4cef6453be4fb846534ea426d31dad2202d468b48c6b45d2e96872c365931f3ca7520197024fa3ef78a8ec316d2106f25da67e98bdfbd6ddbe3c8fd3cf962ba884be3b1b5cb42d11f483ad26eaa3ebf565c2c8713a18bbe6b7efba334b3ee0917e3e13eb369c992293d0c95e51be10b1d40d0c2be69bb080f3e616ec6164d7c5ed4a0dcb1387ad6f282a1bf8d304963c3ba8f665b3dca07c12d6e085218e3b597dacd2c9f552cef1dc4dc22b83124a3ea2c198996821b5ba65cb62b8dc212de5685e30a42742e7c9a9ffb1667a20438f7ba24bd4355a2a8c5fb5484e7ec71694d88fff5ebccecdc159ed6467a416795c091774c9664c3ebdccd96c140299e62fd748ff250a500d0361e61ca6fa88e72743b987929cab024582fe8618235989b80f57b4eed927868c7b0dc62a5165e8f8ae7408b8717d861afc7a1982df2dc70907ff2d91edb57b5e3634ea6f0aac40ffc36bae3d08b3bc35a4d9b6c8b3fc6552b0c448f4cb0315823a51d21921fa05d5559c72526b5d12e893312de07d05846170f6bf0abc8623a6a881aa824867fcd9a7c1cfe8951b5b59ca601b0559a5bc8b3f2b261212103dded5ba189a9e7445834dea1ef13efe1e19fb136efd07a89f79a91008fa209c1998ab8d271bc1c0af11bbf519c7000d7bb030f3c20a9aa2e2ee7c8b7b424e653d0b4196c7fdf67aaa951fc5fe790dd3ca8338f0af7c8c8c7de59d8640c9c8e6b2a4d2167b5e4eb258ac5136d736185346f52c3d1235e98cfcaad46db007a901f63d5189180be1c03be908ecb03ce029a516d3edfb13634e652b0e341345faa1968eca8b2e58e5419e639e1928e13f5a83b72d6e33bb8b0b768dee28be6d8dc0fa0f8449008ae6601f68271979d45f11d6feebad1438ac4036ac28573374a20f4c8a917f639a0283f7e208ef8e7d069363e2e337547918730f8097e2dd2c9cc22c4fdd788605a8459b224d079d602acef6f5cd90ee63d87f06c3c260d6558dd720b1e9c572c0bc17597487b53cef96d11d0c7ec17a887f99859c5bc9c02d4fad7da4db4beb960f30df1d9673f12e1eefe150e2211be88c31d32842f28ff4cbdbc5a7d0fa1b338fd7cb20a6351fa8eb7ea1176f35ce577f7c97c10a82daff78ff1deff4dda48d562c1c784c1f41e562d38d56f39ad797d3f7541379074a6d0aaeebfe033754a02addaa6e4282fd7a92395e6368369f31f1cc7076ab9e3e33324c5ee49e49142e437232ba4676bb5b1890067d0e0a6123e46f182ec0dc0752fbe69d510bb1d7669d9539e520310fa5f2292a4805ab0143c7c98dfee236807c3281f19a16cda65f265973d3eb4520e5df58f7d12994403a020e974ce795fc68633f513146a0a90f5ddd545b6034b241b29fc0b3e316a6f0c54179ca6a47c0f976ba77c58d2944c2f07c722d5d2bb15548aa074704f650453bccbb1e49bd85033f5ccdb70bfabbba5dd1b4211261e3cdf2eaf5c1bb3ff822db2f517431af30404504164da5975090172e8e53b6244ada0cf4b04de3b7e83e30381b9803c7618f4ba0dfceecba97cd117d8d74d978815741d43123eeb2b3e12ca7c248f4834bc66144de3179e395eee44978c2ac83d4568678428a21b17efdba401d0728f67e645c0fcd5806261543e31f59201a7118e87ba0fc703e07c53bb403c0471a34760a4789b7f4d33403e785662d2c170a17bfd7b6391f084a88326a9de661fbaab2ada6d9687b1a291e269b2177bf6560695b7a3a3e3cde5bd9565094897db293a95450ff2a523347b1a873bc2381baf9c4c68dda9c5afce2a25d3600fd090f3b574d1875fae4c08bfcf98ad7ee0926e71dafd136519b47f95d943963957681e8b671a5139bdf862dffb53935a3d82a6d9ec6116210940e1f1fd0299dcaea1c765199888a988b99ce4ef76f0f56b20bf4f6807e2df0c1f007a223ffe5a5d066686d4d33067c021e09e542b8f7c7697d142c3644025c4e66483a146b7c0a834587824d56a4683768c63ed52ad6b86a2669dce037ea65c1f2debde83b3733d32864df2296679f00a892a7ef185f7103c9", 0x1000, 0xfff}, {&(0x7f00000003c0)="65f4b3f5dcd8ca563d4a0c359ad7681d78cba59d582dd8b706cb3dac5677857c4c0296b34f379b6db36541178b4aeeb6c176eb897aaaaec2399b7d7a472ffd358b787201ba05b73a76f7477e74b327a341c8b6a9d3e94f2f2136a60f46247800c6fe072223d69f225081ef2267983cf109bb71", 0x73, 0x8}], 0x100404, &(0x7f0000000500)={[{}, {'\xe2$systemnodevGPL-GPL\x00'}, {'trusted.overlay.opaque\x00'}, {'@((&[}[!\',%'}, {'trusted.overlay.opaque\x00'}, {}, {'\xe2$systemnodevGPL-GPL\x00'}, {'\xe2$systemnodevGPL-GPL\x00'}, {}]}) renameat2(r2, &(0x7f0000001640)='./file0\x00', r0, &(0x7f0000001680)='./file0\x00', 0x0) creat(&(0x7f0000000100)='./file0\x00', 0xb1) r3 = openat$cgroup(r1, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r4 = memfd_create(&(0x7f0000000000)='\xe2$systemnodevGPL-GPL\x00', 0x0) dup3(r4, r3, 0x0) fsetxattr$trusted_overlay_opaque(r3, &(0x7f00000000c0), 0x0, 0x0, 0x0) r5 = fork() sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r5, 0xee01, 0xee00}}}], 0x20}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000040)={0x0, 0x1, 0xffffffffffffffff, 0x5, 0x80000}) [ 116.914502][T10501] FAT-fs (loop1): bogus number of FAT sectors [ 116.920610][T10501] FAT-fs (loop1): Can't find a valid FAT filesystem [ 116.928822][T10504] FAULT_INJECTION: forcing a failure. [ 116.928822][T10504] name failslab, interval 1, probability 0, space 0, times 0 [ 116.941445][T10504] CPU: 0 PID: 10504 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 116.950271][T10504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 116.960402][T10504] Call Trace: [ 116.963672][T10504] dump_stack_lvl+0xb7/0x103 [ 116.968307][T10504] dump_stack+0x11/0x1a [ 116.972527][T10504] should_fail+0x23c/0x250 [ 116.976971][T10504] ? ext4_mount+0x40/0x40 [ 116.981319][T10504] ? getname_kernel+0x37/0x1d0 [ 116.986085][T10504] __should_failslab+0x81/0x90 [ 116.990891][T10504] should_failslab+0x5/0x20 [ 116.995468][T10504] kmem_cache_alloc+0x46/0x2e0 [ 117.000468][T10504] ? avc_has_perm_noaudit+0x19a/0x240 [ 117.005845][T10504] ? ext4_mount+0x40/0x40 [ 117.010190][T10504] getname_kernel+0x37/0x1d0 00:39:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 117.014812][T10504] ? ext4_mount+0x40/0x40 [ 117.019140][T10504] kern_path+0x19/0x40 [ 117.023245][T10504] blkdev_get_by_path+0x54/0x1b0 [ 117.028219][T10504] mount_bdev+0x47/0x290 [ 117.032470][T10504] ? ext4_errno_to_code+0x110/0x110 [ 117.037672][T10504] ext4_mount+0x2d/0x40 [ 117.041884][T10504] legacy_get_tree+0x70/0xc0 [ 117.046474][T10504] vfs_get_tree+0x4a/0x1a0 [ 117.050916][T10504] path_mount+0x11d4/0x1ce0 [ 117.055456][T10504] __se_sys_mount+0x23d/0x2e0 [ 117.060136][T10504] ? mntput+0x45/0x70 00:39:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 117.064119][T10504] __x64_sys_mount+0x63/0x70 [ 117.068732][T10504] do_syscall_64+0x3d/0x90 [ 117.073145][T10504] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 117.079074][T10504] RIP: 0033:0x467b0a [ 117.082964][T10504] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 117.102659][T10504] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 00:39:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:49 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="4c0000001000fff1fefefd956f76c9b724a6008000000000000000683440150024001b0000000000000000593ab782115ed9043d51d7e88dc62b2ca654a6613b6a080000001cbc882b079881", 0x4c}], 0x1}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="10000000000000000000000000000000100000000000000000923fd95310584132336646cdfde7c9d75a077d078d45121489c87492361e0d8449c7f284dcbc00fec9fc8a97fb28f8f5e5cb63afd6e7b3662b140a13b554"], 0x20}, 0x20000000) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) [ 117.111111][T10504] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 117.119078][T10504] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 117.127044][T10504] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 117.135105][T10504] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 117.143082][T10504] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 117.199207][ T1040] loop0: p1 p2 p3 p4 [ 117.203530][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 117.209558][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 117.217834][T10548] netlink: 'syz-executor.5': attribute type 27 has an invalid length. [ 117.226193][T10548] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 117.236618][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 117.246734][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 117.272362][T10548] netlink: 'syz-executor.5': attribute type 27 has an invalid length. [ 117.280602][T10548] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:39:50 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00') lseek(r0, 0x39, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00') lseek(r1, 0x39, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000e40)=[{{&(0x7f0000000040)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/207, 0xcf}, {&(0x7f00000000c0)=""/172, 0xac}], 0x2, &(0x7f0000000300)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f0000000340), 0x6e, &(0x7f00000008c0)=[{&(0x7f00000003c0)=""/212, 0xd4}, {&(0x7f00000004c0)=""/167, 0xa7}, {&(0x7f0000000580)=""/21, 0x15}, {&(0x7f00000005c0)=""/78, 0x4e}, {&(0x7f0000000640)=""/101, 0x65}, {&(0x7f00000006c0)=""/97, 0x61}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000000740)=""/92, 0x5c}, {&(0x7f00000007c0)=""/196, 0xc4}], 0x9, &(0x7f0000000980)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x40}}, {{&(0x7f00000009c0), 0x6e, &(0x7f0000000ac0)=[{&(0x7f0000000a40)=""/86, 0x56}], 0x1, &(0x7f0000000b00)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000000b40)=@abs, 0x6e, &(0x7f0000000dc0)=[{&(0x7f0000000bc0)=""/240, 0xf0}, {&(0x7f0000000cc0)=""/169, 0xa9}, {&(0x7f0000000d80)=""/47, 0x2f}], 0x3, &(0x7f0000000e00)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}}], 0x4, 0x2042, &(0x7f0000000f40)={0x77359400}) r3 = syz_open_procfs(r2, &(0x7f0000000000)='net/sockstat6\x00') r4 = openat2(0xffffffffffffffff, &(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0)={0x20c002, 0x9, 0xd}, 0x18) accept$unix(r4, &(0x7f0000001000), &(0x7f0000001080)=0x6e) lseek(r3, 0x39, 0x0) read$ptp(r0, &(0x7f0000000180)=""/33, 0x21) 00:39:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000001780)=[{&(0x7f0000001800)=""/246, 0xf6}, {&(0x7f0000000340)=""/145, 0x91}, {&(0x7f0000000400)=""/18, 0x12}, {&(0x7f0000000440)=""/64, 0x40}, {&(0x7f0000000480)=""/179, 0xb3}, {&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/225, 0xe1}, {&(0x7f00000016c0)=""/167, 0xa7}], 0x8, 0xd9f, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) chmod(&(0x7f0000000100)='./file0\x00', 0x100) r2 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4c1) fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1}) write$cgroup_int(r2, &(0x7f0000000140), 0xfdef) r3 = dup2(r1, r2) mmap(&(0x7f0000280000/0x3000)=nil, 0x3000, 0x0, 0x4010, r3, 0x31e1a000) r4 = open$dir(&(0x7f0000000040)='./file0/bus\x00', 0x232003, 0x2b7) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r4, 0x4018f50b, &(0x7f00000000c0)={0x1, 0x2, 0x7}) name_to_handle_at(r4, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@FILEID_BTRFS_WITHOUT_PARENT={0x28, 0x4e, {0x0, 0x101, 0x20, 0x0, 0x3, 0x6}}, &(0x7f0000000200), 0x400) creat(&(0x7f0000000580)='./file0/bus\x00', 0x0) 00:39:50 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:50 executing program 2 (fault-call:0 fault-nth:62): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:50 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f800002000400000000000000000", 0x23}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:50 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="4c0000001000fff1fefefd956f76c9b724a6008000000000000000683440150024001b0000000000000000593ab782115ed9043d51d7e88dc62b2ca654a6613b6a080000001cbc882b079881", 0x4c}], 0x1}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="10000000000000000000000000000000100000000000000000923fd95310584132336646cdfde7c9d75a077d078d45121489c87492361e0d8449c7f284dcbc00fec9fc8a97fb28f8f5e5cb63afd6e7b3662b140a13b554"], 0x20}, 0x20000000) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) [ 117.739395][T10572] netlink: 'syz-executor.5': attribute type 27 has an invalid length. [ 117.747643][T10572] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 117.752251][T10577] loop1: detected capacity change from 0 to 264192 [ 117.764766][T10576] loop2: detected capacity change from 0 to 512 [ 117.779750][T10576] FAULT_INJECTION: forcing a failure. [ 117.779750][T10576] name failslab, interval 1, probability 0, space 0, times 0 [ 117.792411][T10576] CPU: 1 PID: 10576 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 117.801166][T10576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 117.811206][T10576] Call Trace: [ 117.814470][T10576] dump_stack_lvl+0xb7/0x103 [ 117.819048][T10576] dump_stack+0x11/0x1a [ 117.823188][T10576] should_fail+0x23c/0x250 [ 117.827619][T10576] ? kzalloc+0x1d/0x30 [ 117.831781][T10576] __should_failslab+0x81/0x90 [ 117.836531][T10576] should_failslab+0x5/0x20 [ 117.841101][T10576] __kmalloc+0x66/0x340 [ 117.845247][T10576] kzalloc+0x1d/0x30 [ 117.849124][T10576] security_sb_alloc+0x3c/0x180 [ 117.854034][T10576] alloc_super+0x10b/0x520 [ 117.858441][T10576] ? mount_bdev+0x290/0x290 [ 117.862938][T10576] sget+0x1a5/0x400 [ 117.866739][T10576] ? test_bdev_super+0x30/0x30 [ 117.871493][T10576] mount_bdev+0xd3/0x290 [ 117.875730][T10576] ? ext4_mount+0x40/0x40 [ 117.880086][T10576] ? ext4_errno_to_code+0x110/0x110 [ 117.885282][T10576] ext4_mount+0x2d/0x40 [ 117.889420][T10576] legacy_get_tree+0x70/0xc0 [ 117.893994][T10576] vfs_get_tree+0x4a/0x1a0 [ 117.898446][T10576] path_mount+0x11d4/0x1ce0 [ 117.902973][T10576] __se_sys_mount+0x23d/0x2e0 [ 117.907637][T10576] ? mntput+0x45/0x70 [ 117.911603][T10576] __x64_sys_mount+0x63/0x70 [ 117.916177][T10576] do_syscall_64+0x3d/0x90 [ 117.920577][T10576] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 117.926460][T10576] RIP: 0033:0x467b0a [ 117.930334][T10576] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 117.949926][T10576] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 117.958324][T10576] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 117.966300][T10576] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 117.974258][T10576] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 117.982213][T10576] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 00:39:50 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:50 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x0, 0x2, &(0x7f0000000080)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020101000240040000f901", 0x17}, {0x0, 0x0, 0x100600}], 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="007454878c40ca6c2ee82cf4193ffb638a2987a1e8bbdb73d2074e6540cc66f615e29666058603f00ee3eb38fa29e919da928a1a3d48737d63f77ab12809785671d8a9591eadabb50b9a1274b9f6ef2673cba897b19e2ccc5e44257ab34c2212aa703dae3ed4ccc549b0fe10deed03682c862882c6bc450ac42ccbe90137534d40cdf73c5b84fb6755c3fdce88d6ec96a43d305dfaa30ad6eb"]) [ 117.990180][T10576] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 118.013111][T10577] FAT-fs (loop1): bogus number of FAT sectors [ 118.019211][T10577] FAT-fs (loop1): Can't find a valid FAT filesystem [ 118.027907][ T1040] loop0: p1 p2 p3 p4 00:39:50 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:50 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8241000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)="53000000fcffffff770400000000200010004d2040000000000040000000000000000000", 0xffffffe5}], 0x2) close(0xffffffffffffffff) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x540140, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000f80)={0x1, &(0x7f0000000f40)=[{0x7f}]}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000001000)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') writev(r1, &(0x7f00000016c0)=[{&(0x7f00000000c0)="a054d9cb4ea807a645a4454a887a865290ca", 0x12}, {&(0x7f00000015c0)="f1e94dafcc6098f6056344dc73eddf70f24d155f0a0f58cb7204088f4a7116f811913a8d1ef2ab8b59a6f82a432100e2eb11be1cd93ecad79c0e99f87188b6e1e7fbdf9fe2acec2285152f93d7d185219f3e9381c58c028bfa57546a7eed7c85cdc72a0cec56187496444528d17fc2c6360af09b8b680262f533cc43a99b7f89b1610627231d0bbfd0307824e14c87ffb09c534701231dee9747421977659cf2c8ec725486d5a2274fcaf9fd678e97fe11782445e11e99a495415ab722313e429758ef515ea28364878d506fbb55925a60d81cfc5690682918", 0xd9}], 0x2) sendmsg$NLBL_CIPSOV4_C_REMOVE(r6, &(0x7f0000000240)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001740)=ANY=[@ANYBLOB="a676084547ef559e3b608b39e17e1d9f0e82de5f223294d7eeb16908925651d9944d36163cce9de0d5b22963bad7d29dabb4eb59bb331c5bb0d12259b041c8912938c958096ed965ccf6c6aa43b476bab7fe780982567193a54abf30df429ea5ae2d38fe074f50e957eb13d8c7f8da754691e46b02e20182a85a913572dd4b7eb4bbee44c37f898fe283bf190601e787d6d2003b5a0dded53b65d964f31684c31ab6834c43d9aa67c846d0c482e92f4c5dd6052ae838fd10e34afc44f3f7f5e16d36fff4f120c4382f0b4c6b57d7522e3c59f0d436edf65eef78229ad47cc8b83ee1faf2ae4aa9f730284996387ab992459e74db80ae53dd9c2949916759cccbcdc0dd5082e0055207257bbc6395a5dc597601f7aba686e04e16c0bdeccc129f1deac21905ec92be893fa308a69823e8f0217a30b8e2f3a688eecc49e5f2e5de2e4f4403ee579ac9599c6c54e0e0bdca620194ab15b9a85f2264a136ba8c25a2fee890b26233ea8922d702f6c402f44616a19ca821f3d889d1c3c7b9abcdfa22dca627136ae1360ae518d8ba58b9347b421b559c1d4d4f2033625c6866c7ae1b3b7329f238971b9e3d169fba1e7f88dbae9f09bcd18c7e13cd7ad7df100ce3b20705aa31cd9f6038a65f14c77fc01344018e928658f631d0ce4c42426ff3b8ea2b8cc5727da9cc1d13cfad7ca61fe04768878974a5ab18001988d16f23763483581683a168c8df1ec226d14e43cb0bd439be21e84ea5f2eef5284117a8febe17b10a042fce1ae79f0e5a5d88621be4c5f28b648be26ff95b35317866867f937ae366bd2d5b46b9c1375d74d81c8782f9f7c02bf64491ab92f911ce94e27c3203b27ce54c8f789c85267f64416b47dc9a6a58e4bfae9d82b4d82c3424dd47b2e5f60ad93b8ce0944c15dc88934db7d876bed4ae3bfa2781907d6aa5d6c800e246863ce7dc087289fb214a5eb40b745f0bf6b31b16f90d9f1cdd82651ab37cac49a92bc1e8fd477ffcbd243708e79d110c2176d5ffe1529fd8eb822944ec71ad13cf220892389586a4cb3fc800f0cf5606e18514548d664843567a8ebd2cc81f805c7f0783ed33a0922ae2fbfeebd4cc4d5013e047ea4c545952c3915a5d406bda65d9c369bf6ac54639ac780b39b2130913de1d0174ac6e7f51ed530afbd952d2bc517bddae7d447524ee6f5961792edd24db97e577f27e347acaa3124df708304dd55d553fd6f9055fc4de8e7232ff130904830bc74bdb312b02d8da4363f282204ba6fb7f6b8a4ec7784a1ee7f74c9f78b49419df94862c70fecca90e7d70bb69655c9c07440d74765c98f51bcbee39e0509583485d5369b9ecad6048b78919b455d580b72fc82c4280814eaa66dfdf34334e98ebf30b82f0033ad8a58fbf04e4aa4799c69afe6cd20d5ed06cffdb8e4ada08216bf2ed40d94782e3558deca45501b877b0f5cd10f272b602e71e00b79bfabc1e22a752201b06909a07a8a559cc64e05a1ec95d613c05ca97048f0e0b3a9e7f227d86ea865a7dae039ebf0a093ae4ad6a43b61c62373b18e0d06d56fc9ed9654a8b2a2363566c56f6e2d51fdaf624f51fb7e715f469fe22b995ef60d1106c9784278e19c41034fe9cb05b81a501ff2dc422704a9a49dc0cddf62728e50d850700000000000000ded19e7a71300635e2ef5f9955be8ae4d7e8319077687c955ba12db3d6068545f17b714ecfa1b5c69c25fbe4e279e91d2d19a72452f4719814831e3ae4a05976a45f955d4bd6ea0d6fda797f3f215e799787907e063f000000000000007bd778e426d04e4562cb31b61093f5ee0e8a38fb8e58b498e2577117b2854f12aa92588d6a7f9368aae35de3b965a1a30f44520f783718b4c7cfa163c1acbda149e3664ab608b2a3dd2d4331b7b8042ab5c5227d9ed2f4c6eb8f4f383ad08bfa72dcc6f944a8f0edb37ba65c527e2cbc4e45516a42cbaf236fedd66cdf6c0c4068b8fb5880fa01c9c5aad3d556efecd55271893f374fc36495831f00a17190ef9b879de707b648f9e43689638507afedebaeef99404bcd58950b9d1a5ae1ddcdd0882ef725e03ac1c43ddaea9a7726b836cb64d363ae7062d8a539d16471d7160d7bc1f8707c9aa77240189393eea889ac19a4958c56e2fdc38a7e264e6effacb0202a22a505003a6fe2352fee85cebca1d8706d00f2be8826b261b5fe6ee75fa8fa38984445e1cd4c382cf2cfe14d7c542b14a637d05e729cde31f6ceac712394137e2bb408f61d9972173b295bab2a74564236b6b6e441eeb835659caaa54404fd4706d32bbf981ced48c6e82f9e9cede593c8e063a9a789ae38c47ff9d14cd855d6eb72ea7009efd3ce318aa8c96d7d6e82925d10090c04642af652ddd9732fd01f8cddf759cc9f79308a43588df227d79f7db8750d4498be9cd4eeaf2b12435704e67c156aa74eba00bdd241f7d23652895ea54743a12ffeb606cfaae88d14400cd230d55e112891ebc96ac90183be301564d7d2fdf3d4bb7160ea889fee98a47fb4f816a2fe0cb66809ebf8763306c71203f86d6d85e7c4bd3694f71354367c69b7053ed75ca15cd441e6caebdf4ec15f3eec4f86b1e3506048c52851406897d63fe54db0100ac6eed6cad0733c941c345da94d0c6f4eec92820dab06bc330e74f52c5858fc71862701ec3b690605fb460d1f6e46f99299b4cf3df8d65f87c4a2ef8d05fa4b3841482f4572fe4773cb548ae691f12a219de1902a644f238a9f38d9913790de484a1251e3b8399a10b3e73a4895e2ae57088f38524ebd5fd2be455ceeb16b5bcf5300cfedd1e326a862c0bf3e1bef531a6c7a5895c247b12b39d9952529de825f8a31282be28ede06b7a5062c4dfefee45c52a901504723c59983d8746e84c457f8fdd18f55379189b63e5b9baaadf9a117f98538c1015f5d1da113c74f63b59545658c1df48ff840a691efd84f835a92a0a6ba2d9a4fb09a0577bdb3f888fa5ddc0abe98cdda0f0a165878e19fb99372077a605cc91e91e0bfdbd09c7b6ffa9db203000000bc6d7e572b5b46decb2e28ff71593b5bc58d21f86ed46db4e0f142af07d53c1b405511da1c80d5db99b4957443ecaacfa6e66732bcdd609e9b4531f50f5619571aa738abf0cc61eb8973be69931a6fef7e52a19f70ad318d549b0c8c805922e81e6ada33a4b59a9af96b40e563b6b147d04fec6ef7029ae8246744cf2f803432223529ad6456b188f34c00ce0dc4863beb9be26ae19b590927712db57cde87f9aa13c23fca0d1ccdfb77eb2f987a8905627b294753124a4bd6c03df81bdf014d2ba8ad181e5ee6094635ec64f04d1932359bca717bf00101e06e23fd6aa73eecca651471d875b088b4fa5a4765a9ac30725ac4032cfa77ed55229d5efff09463913195d92c4956833f2c3132a9c08588882624839502b8e83b9f700fc95d38891c25cc0e47f5865005403907d75916a5b31694f627cd90dfa2878a6044b6283febda431180c84caf8b2dc73ea016124c668e9d650449c9d272b075aaa4fc2174ebc560c10db6a6c427086a498456b8a9adc05a67389e00d2dc429a865861fe241224d9d200e92dbb8605f76f347ea4bed15a0ebae4f434fad2069ee387465f96efd2d52affc44ab011b6aa8004393d59b7ef6fb0f13568eb20fb47d9007ca13267233b6862426565b75018d3bb63912d87053ed33ffd87c48ba6bf1d8c1c2fa7103b527077a83d00ffc5cb75a76bf8861090ff984a4de3354c0bf35719f5ffe3c2fb11035ec8a525e7f73997e337b195c2ef4f36ecf498b939d47297bec7b41480c8ccb6736e523c42ce4016caf7f7883ab62b44cbfbed0e4a621d44c67027f1b5be2cec6f086c4a73148f05c0a08046d1cb991fe11c43bbaa28e0746ff121cfbae5e6c9c04a2794019bafe704e058e6020dfdce967a6b86b569b8721fc172f9ffbe9a77e70e7a998772b6de720230a40b7a5796af6188c800b7fa06c54dd6be660a050781f8e03edae98532fef635dee9917145d831519e4b1e432ad926225bc4922214658cd0615760e1aa90b1c371811e475cbb69a3ee5392336afd2b8accfc204754ef95b362b0b2a229f1857a118c74cde213571b42f3a6340cd0b165712d7b47532e65a299d2d0c9a5661adfac383b8bd2a3fa625fec436516a9147be525f05577e485dd3d70076d94d2fddfee253963e4d7f9e9af4b3948a6757033ab65cbaabe09e4c2ee4e2803b97c84a109a4aa82ed72a1994c7ac159e7e6f5c26c11728ef65503127866a4c668379f82e8db5b8934f479aaf5df687bcc7933633471ab79443d69740cd880a5375e5ece1b05c41ccb70c7ef718fcb3667260f93b4c24478ed1c2112d3fa959b421c7e4e8bd75efc1014f6c8f69b1dd7993c4d04700a475118536de33b142f1f6b21a349527ffc7ef678a7b567c78192d0cf1c1ef95bb2665eaca4f2e63a0c8ed6d5955b26931d98b8b190c36b54c6f8ae670e706a97965dec5881b070fb1341aa47ee181da6f85681c21b1bad7f8191881d920983c2ff0e523adaf3123b0773d561859a54a6a77c0eccccfef8abb808120ce27c43476b1c978985ae42c680147f092502bbb1f0e37570f876db7215b68ff453eee673519cb1d0adfcfcc477ed5663955e7d20228d0bdcb9a5a855c6a7eac601c79d91ba01f1d8575b721951e908fa72c295dcea1eb57531748875713cc6a32b3712e701b22b15d3e53337fff2271ce43c8023cab1c26130b017949a16e213e8186e6df3a1b7ba3dd63c668c3fa6542133cd30546fe519ee1dcb40f487066d2e6118e8f96705abe25f288789f38bcf8eb695e16a2c00e61f5ad1593d3c33e150ecf1d6f5a561b9698bca30a19cb71572146ff2dc771b5ae9f0e26ef2491f93d8605df6d849f4cce05e4687a5a4ed4cafb51ee94ed070aa9bbc9ea3edcbe457b518cebfa3d206dac8ec464c9a4ebc74bd951e6c38f197a915fa7b25d9d82fc2fccc36c782a249e79d73be2fa17b5929c723b88cda6b7b5e09e988ce68714fb650d8c394ca3608f101a9fb203a4c85273609343264b8e0dffd91be57f04ad2b845ac0a3b525a5160dbfd1e467f55ffb4f2543acb63855434ba7e6721aaa18c7497a6966809c0732f72a23f0de99e285a798cdfd6a59324a0969860715a06e99b338aaf99aa88d2198b99970f7d5efb123c4a66dc05c4d8cc9a53eff3bdf01a1a3202e63fe4f79a634279d95a574921f9f25466f47f59b230dbc34fd205ba57815f26e7083bd90419e21eb643f5ca893e2405118d5d6ac3dc2bdf5974cec29c824826c8197674096aa911d04fad7d149d82f6aa32c4a07ab2dcaceb575c83969e34410c4448b6cae5282cb5ca2449185985f68f66831f1eda1a722e1d036565034bf340c02999eb334ae5b79b2ca556511c2490413dd3d551a47e6a10d802d4effa55b4284c5967a479509f4efc41668e40573e6b7054f8ba005efb1fc7ca4ad7b67034fd0e4a52a2d8c78b6814560231b643df0e010422d215c73af5159d2dd51bf805b5d3642a21161e99d7966b7cfb09b1b15a63005b5dc86799b860fd048e130f084c430127494e31678f31daacb2ce8befe6e50dffd7e466448a1db97ad21086ef7cd69241ca9e49b6f18ac0f72ebec5b326ae8ffa38e7137325290fb8a60964f99893cb9924f514d9c17a79a4fbaad0b0bca44502c0ff8b7bfd4f939c6e6edb33e765a6f066a4b2a191b815ed216864e2a9fb5d29de541a092ce67e32093cf3e8d88617f77e37104a7812d056c449d299e5ae7548a1513333870bd74012efbf125b269488ed1f64223d16b2cbc13646ef03e4c016fdc2e68990e6a657600a5730169b33da458a5d736b65bcef0513a5bcd5106a44d33f5c1367e51bfc11c89386c4e492707db87887e5b86c1dba5538fbf5391f5f450a9064b6dfb04f5e7a462277cbf6810e1adf7d64acba3d5e296f5c868cac1cfd76016ca31f52d1169826cf2b4dc548fa348c4c877f9ab4c5cd8fe90452d486d455f3312fa90d3cf031abb0c9ce4fe21496de73c4453770625096a76e7ec42de4e1d12074c68d26a2a143bc762209e77244fb62b8660a62251490e0e68ffc578d27c943632f5462ffe56a0811757d7a2a9ad5c690fd7a2118b5a9d0b266493cef716ef8308d61f4d4c8f2947599294b98f0664c7ba67d5080a67d01dd227e02ed92ac5e06a3a10fed4ea3ea109bf0f23ea44c108a31c56a82c296522328198f30f528927b59a6b38a0738bc055559b83f5be231a9137f16d4fd49611fd0f205afaad2ebe2487abd230a3de428529e18bdf20c9fe6e856607cfa83e5ba0d3eed7f6ab508358604a8e762553a884e07ec2a3b60adf543", @ANYRES64=r5, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f00000001c0)={0x0, 0x6, {0x9, @struct={0x8, 0x5cd}, 0x0, 0x9, 0x7ff, 0x6480, 0x1, 0x400, 0x60, @struct={0x9c7, 0x2}, 0x7, 0x9, [0xe0, 0x3, 0x200, 0x50000000000, 0x100000000, 0x6]}, {0x1, @struct={0x1, 0x5}, 0x0, 0x5, 0x9, 0x3, 0x7, 0x7, 0x20, @usage=0x1, 0x8, 0x1, [0x40, 0x4, 0x8, 0x1f8, 0x4, 0x5]}, {0x81, @struct={0x8, 0x2}, 0x0, 0x100000001, 0x89, 0x1f, 0x5, 0x800, 0x4, @struct={0x7, 0x2e7d7686}, 0x1, 0x7, [0x3, 0xfff, 0xff, 0x800, 0x8, 0x2]}, {0xffffffffffffff7d, 0xfd, 0x1051}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f00000005c0)={{r1}, r5, 0x1e, @unused=[0x0, 0x0, 0xf8b9, 0x3], @devid=r7}) 00:39:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB='w'], 0x24}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x2) r5 = fork() sendmsg$netlink(r4, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r5, 0xee01, 0xee00}}}], 0x20}, 0x0) sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000400)={0x110, r3, 0x400, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x38}}}}, [@NL80211_ATTR_STA_AID={0x6, 0x10, 0x643}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xb3, 0xbe, "f4a9e4c82073fdb75ac9bb0b05de1a67c208e1a763a44cee3edf2aba647534667984185fdc97cbf739689989c0cb612733ec9cb1af052d70b3aebfeeddf6507d02879f1225f0fd9b6326c064f002f7ee087221ab24d536c62fdbdefb70307e02647addf2ecee123d6063806a321604120706b86c9b14fee376d1ddd6e877a5bc22e5d18f881975bfd74d1b134fba900539e52bd46c802a423a6900efbdb66a809ab44c002adb661ca40ab56c102b60"}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x6fe}, @NL80211_ATTR_STA_WME={0x1c, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x9}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x32}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x80}]}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x2}]}, 0x110}, 0x1, 0x0, 0x0, 0x40000}, 0x4008005) sendfile(r2, r1, 0x0, 0x100000002) r6 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) splice(r0, &(0x7f0000000140)=0x7fff, r1, &(0x7f0000000180)=0x4, 0x69, 0x938ceefbd8cfc1bc) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1800003, 0x12, r6, 0x0) preadv(r6, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 00:39:50 executing program 2 (fault-call:0 fault-nth:63): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 118.045008][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 118.051141][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 118.061305][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 118.076864][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:50 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:50 executing program 5: r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) r1 = fork() madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x14) r2 = gettid() rt_tgsigqueueinfo(r2, 0x0, 0xc, &(0x7f0000000140)={0x41, 0x55d, 0x8}) ptrace$setregs(0x4689f3d07193583c, r1, 0x0, &(0x7f0000000040)="6e739fa084a3fe8450f2c562e349fbc0cc567710125bbfa19ff2e25c0272e1de605438ff5c927c71c52224959991627e7653a58eeaac877be52d781ff05bea3a6d85db0cc710cfcfd5901661cea011632a74d1f36f41af002048bde3c743e4b9417fab0394fd63b95d34f228937fd3f4a2f35aaba60a3c94d40d27327ee6d0e180bf8f315c85e16987d265b203eb795af95a1a5dae99a2a90fcac867f215190007bb2c0553cd6ef5d411ae5def843e4bf260c5531ab89773a9aa6d6cc0498aa2c05afd7846a08ae7907985257f96a1c506c160a4fe12de21f5bfc91b4f08844a433d111a1c22959be74b") [ 118.122669][T10608] loop2: detected capacity change from 0 to 512 [ 118.147744][T10608] FAULT_INJECTION: forcing a failure. [ 118.147744][T10608] name failslab, interval 1, probability 0, space 0, times 0 [ 118.160403][T10608] CPU: 0 PID: 10608 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 118.169167][T10608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 118.179242][T10608] Call Trace: [ 118.182525][T10608] dump_stack_lvl+0xb7/0x103 [ 118.187153][T10608] dump_stack+0x11/0x1a [ 118.191345][T10608] should_fail+0x23c/0x250 [ 118.195781][T10608] ? kzalloc+0x1d/0x30 [ 118.199851][T10608] __should_failslab+0x81/0x90 [ 118.204644][T10608] should_failslab+0x5/0x20 [ 118.209162][T10608] __kmalloc+0x66/0x340 [ 118.213353][T10608] kzalloc+0x1d/0x30 [ 118.217276][T10608] security_sb_alloc+0x3c/0x180 [ 118.222133][T10608] alloc_super+0x10b/0x520 [ 118.226639][T10608] ? mount_bdev+0x290/0x290 [ 118.231151][T10608] sget+0x1a5/0x400 [ 118.235077][T10608] ? test_bdev_super+0x30/0x30 [ 118.239941][T10608] mount_bdev+0xd3/0x290 [ 118.244200][T10608] ? ext4_mount+0x40/0x40 [ 118.248622][T10608] ? ext4_errno_to_code+0x110/0x110 [ 118.253896][T10608] ext4_mount+0x2d/0x40 [ 118.258057][T10608] legacy_get_tree+0x70/0xc0 [ 118.262685][T10608] vfs_get_tree+0x4a/0x1a0 [ 118.267110][T10608] path_mount+0x11d4/0x1ce0 [ 118.271622][T10608] __se_sys_mount+0x23d/0x2e0 [ 118.276357][T10608] ? mntput+0x45/0x70 [ 118.280340][T10608] __x64_sys_mount+0x63/0x70 [ 118.284937][T10608] do_syscall_64+0x3d/0x90 [ 118.289572][T10608] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 118.295473][T10608] RIP: 0033:0x467b0a [ 118.299370][T10608] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:39:50 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:50 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 118.318984][T10608] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 118.327483][T10608] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 118.335461][T10608] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 118.343435][T10608] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 118.351405][T10608] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 118.359380][T10608] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 118.467667][ T1040] loop0: p1 p2 p3 p4 [ 118.473241][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 118.479272][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 118.488501][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 118.496292][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:51 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f800002000400000000000000000", 0x23}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:51 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)='S', 0x300}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:51 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000780)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup\x00', 0x0, &(0x7f0000000540)='pids') r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000040), 0x12) 00:39:51 executing program 2 (fault-call:0 fault-nth:64): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:51 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000340)=[{&(0x7f0000000040)=""/194, 0xc2}, {&(0x7f0000000140)=""/35, 0x23}, {&(0x7f0000000180)=""/59, 0x3b}, {&(0x7f00000001c0)=""/200, 0xc8}, {&(0x7f0000000300)=""/10, 0xa}], 0x5, 0x8001, 0x61a9) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)) 00:39:51 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 118.633760][T10664] loop1: detected capacity change from 0 to 264192 [ 118.638161][T10665] loop2: detected capacity change from 0 to 512 [ 118.651739][T10664] FAT-fs (loop1): bogus number of FAT sectors [ 118.657919][T10664] FAT-fs (loop1): Can't find a valid FAT filesystem [ 118.708863][T10665] FAULT_INJECTION: forcing a failure. [ 118.708863][T10665] name failslab, interval 1, probability 0, space 0, times 0 [ 118.721637][T10665] CPU: 1 PID: 10665 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 118.730447][T10665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 118.740490][T10665] Call Trace: [ 118.743757][T10665] dump_stack_lvl+0xb7/0x103 [ 118.748336][T10665] dump_stack+0x11/0x1a [ 118.752476][T10665] should_fail+0x23c/0x250 [ 118.756881][T10665] __should_failslab+0x81/0x90 [ 118.761625][T10665] should_failslab+0x5/0x20 [ 118.766122][T10665] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 118.771833][T10665] ? should_fail+0xd6/0x250 [ 118.776326][T10665] ? __kmalloc_node+0x30/0x40 [ 118.781004][T10665] __kmalloc_node+0x30/0x40 [ 118.785515][T10665] kvmalloc_node+0x81/0xf0 [ 118.789922][T10665] __list_lru_init+0x2d7/0x680 [ 118.794673][T10665] alloc_super+0x490/0x520 [ 118.799080][T10665] ? mount_bdev+0x290/0x290 [ 118.803572][T10665] sget+0x1a5/0x400 [ 118.807407][T10665] ? test_bdev_super+0x30/0x30 [ 118.812157][T10665] mount_bdev+0xd3/0x290 [ 118.816395][T10665] ? ext4_mount+0x40/0x40 [ 118.820717][T10665] ? ext4_errno_to_code+0x110/0x110 [ 118.825901][T10665] ext4_mount+0x2d/0x40 [ 118.830159][T10665] legacy_get_tree+0x70/0xc0 [ 118.834736][T10665] vfs_get_tree+0x4a/0x1a0 [ 118.839140][T10665] path_mount+0x11d4/0x1ce0 [ 118.843684][T10665] __se_sys_mount+0x23d/0x2e0 [ 118.848351][T10665] ? mntput+0x45/0x70 [ 118.852318][T10665] __x64_sys_mount+0x63/0x70 [ 118.856893][T10665] do_syscall_64+0x3d/0x90 [ 118.861336][T10665] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 118.867224][T10665] RIP: 0033:0x467b0a [ 118.871107][T10665] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.890705][T10665] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 118.899106][T10665] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 118.907065][T10665] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 118.915033][T10665] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 118.922988][T10665] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 118.930962][T10665] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 00:39:51 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000005300)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @loopback={0x0, 0x4}}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f0000001540)=[@hoplimit={{0x14}}, @pktinfo={{0x24, 0x29, 0x32, {@private0}}}], 0x40}}], 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f0000000080)=0xae6, 0x4) 00:39:51 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) open(&(0x7f0000000080)='./file0/file0\x00', 0x121140, 0x0) setxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), &(0x7f0000000140), 0x2, 0x3) mount(&(0x7f0000000180)=ANY=[@ANYBLOB="012f669d0053921521afd5daa29ba16964657f0066696c653000"], &(0x7f0000000200)='./file0/file0\x00', 0x0, 0x104d000, 0x0) clone(0x500a4000, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xb) 00:39:51 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000780)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup\x00', 0x0, &(0x7f0000000540)='pids') r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000040), 0x12) 00:39:51 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:51 executing program 2 (fault-call:0 fault-nth:65): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 118.963080][ T1040] loop0: p1 p2 p3 p4 [ 118.967697][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 118.973721][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 118.986520][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 119.012267][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 119.024105][T10698] loop2: detected capacity change from 0 to 512 00:39:51 executing program 3: clone(0x200300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) r0 = getpid() r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000001800)=[{&(0x7f0000000740)=""/4096, 0x1000}], 0x1, 0x0, 0x0) wait4(r0, &(0x7f0000000140), 0x8, &(0x7f0000000180)) rt_tgsigqueueinfo(r0, r0, 0x14, &(0x7f0000000000)) ptrace(0x10, r0) r2 = socket$netlink(0x10, 0x3, 0x2) r3 = fork() sendmsg$netlink(r2, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r3, 0xee01, 0xee00}}}], 0x20}, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000700)='\t\x00\x00\x00w') ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)="be9ff483111ec7c05a6e35766a9c5cd98ed812fee8ee677c468e2d01bb01fd560342c1891c9b259ef048c5ac173518e9cd261fa6cbe6a89b00bbcac9c7a8fc13d6d5661f30c63f72be485d2065e695187bb1482dff9c9d341184640629dc64bb37212a404898297b90eb535ba521052c06a3f59c8a96155e941ed41bc723c4062d6dc6418cd0808ff3") ptrace$getregset(0x4204, r0, 0x2, &(0x7f00000005c0)={0x0, 0x10}) [ 119.054942][T10698] FAULT_INJECTION: forcing a failure. [ 119.054942][T10698] name failslab, interval 1, probability 0, space 0, times 0 [ 119.067620][T10698] CPU: 0 PID: 10698 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 [ 119.076477][T10698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 119.086609][T10698] Call Trace: [ 119.089884][T10698] dump_stack_lvl+0xb7/0x103 [ 119.094474][T10698] dump_stack+0x11/0x1a [ 119.098626][T10698] should_fail+0x23c/0x250 [ 119.103078][T10698] __should_failslab+0x81/0x90 [ 119.107895][T10698] should_failslab+0x5/0x20 [ 119.112402][T10698] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 119.118153][T10698] ? should_fail+0xd6/0x250 [ 119.122690][T10698] ? __kmalloc_node+0x30/0x40 [ 119.127371][T10698] __kmalloc_node+0x30/0x40 [ 119.131966][T10698] kvmalloc_node+0x81/0xf0 [ 119.136420][T10698] __list_lru_init+0x2d7/0x680 [ 119.141214][T10698] alloc_super+0x490/0x520 [ 119.145651][T10698] ? mount_bdev+0x290/0x290 [ 119.150197][T10698] sget+0x1a5/0x400 [ 119.154125][T10698] ? test_bdev_super+0x30/0x30 [ 119.158894][T10698] mount_bdev+0xd3/0x290 [ 119.163175][T10698] ? ext4_mount+0x40/0x40 [ 119.167578][T10698] ? ext4_errno_to_code+0x110/0x110 [ 119.172855][T10698] ext4_mount+0x2d/0x40 [ 119.177009][T10698] legacy_get_tree+0x70/0xc0 [ 119.181605][T10698] vfs_get_tree+0x4a/0x1a0 [ 119.186125][T10698] path_mount+0x11d4/0x1ce0 [ 119.190678][T10698] __se_sys_mount+0x23d/0x2e0 [ 119.195359][T10698] ? mntput+0x45/0x70 [ 119.199340][T10698] __x64_sys_mount+0x63/0x70 [ 119.203930][T10698] do_syscall_64+0x3d/0x90 [ 119.208396][T10698] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.214360][T10698] RIP: 0033:0x467b0a [ 119.218246][T10698] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.237851][T10698] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 119.246311][T10698] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 119.254271][T10698] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 119.262249][T10698] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 119.270243][T10698] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 119.278227][T10698] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 119.292825][ T1040] loop0: p1 p2 p3 p4 [ 119.297172][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 119.303247][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 119.322187][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 119.329825][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:52 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000000000", 0x24}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:52 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = syz_io_uring_setup(0x189, &(0x7f0000000180)={0x0, 0x0, 0x1}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d5000/0x1000)=nil, &(0x7f0000000540)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) r4 = socket$netlink(0x10, 0x3, 0x2) r5 = fork() sendmsg$netlink(r4, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r5, 0xee01, 0xee00}}}], 0x20}, 0x0) sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x150, 0x9, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0x1}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x1}, @IPSET_ATTR_ADT={0x2c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2={0x5, 0x15, 0x2}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_TIMEOUT={0x8}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0xffffffff80000001}}]}, @IPSET_ATTR_ADT={0x54, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x80}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0x18, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz2\x00'}}]}, @IPSET_ATTR_DATA={0x4c, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR2={0x5, 0x15, 0x2}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x5}, @IPSET_ATTR_NAME={0x9, 0x12, 'syz1\x00'}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x5}, @IPSET_ATTR_NAME={0x9, 0x12, 'syz2\x00'}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x6}, @IPSET_ATTR_ADT={0x54, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xe8}}, {0x18, 0x7, 0x0, 0x1, @IPSET_ATTR_IFACE={0x14, 0x17, 'veth1_vlan\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010102}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x20000004}, 0x51) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x3ff}, 0x0) io_uring_enter(r1, 0x45f5, 0x0, 0x0, 0x0, 0x0) 00:39:52 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="40000000000101040000000000000000020000002c0001801400018008000100e000000108000200ac1e00010c0002800500010000eeffff050003"], 0x40}}, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_FALLOCATE={0x11, 0x5, 0x0, @fd_index=0x4, 0x7f, 0x0, 0x0, 0x0, 0x1, {0x0, r2}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000180)='timerslack_ns\x00') openat$cgroup_ro(r4, &(0x7f00000001c0)='memory.current\x00', 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r5, r3, 0x0, 0x100000303) 00:39:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:52 executing program 2 (fault-call:0 fault-nth:66): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}], 0x1) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 119.518039][T10753] loop2: detected capacity change from 0 to 512 [ 119.525703][T10755] loop1: detected capacity change from 0 to 264192 [ 119.544151][T10753] FAULT_INJECTION: forcing a failure. [ 119.544151][T10753] name failslab, interval 1, probability 0, space 0, times 0 [ 119.556885][T10753] CPU: 0 PID: 10753 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 00:39:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}], 0x1) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}], 0x1) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 119.565642][T10753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 119.575696][T10753] Call Trace: [ 119.578975][T10753] dump_stack_lvl+0xb7/0x103 [ 119.583776][T10753] dump_stack+0x11/0x1a [ 119.587995][T10753] should_fail+0x23c/0x250 [ 119.592422][T10753] __should_failslab+0x81/0x90 [ 119.597287][T10753] should_failslab+0x5/0x20 [ 119.601865][T10753] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 119.607672][T10753] ? should_fail+0xd6/0x250 [ 119.612178][T10753] ? __kmalloc_node+0x30/0x40 00:39:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 119.616868][T10753] __kmalloc_node+0x30/0x40 [ 119.621374][T10753] kvmalloc_node+0x81/0xf0 [ 119.625780][T10753] __list_lru_init+0x2d7/0x680 [ 119.630608][T10753] alloc_super+0x4bf/0x520 [ 119.635027][T10753] ? mount_bdev+0x290/0x290 [ 119.639556][T10753] sget+0x1a5/0x400 [ 119.643428][T10753] ? test_bdev_super+0x30/0x30 [ 119.648198][T10753] mount_bdev+0xd3/0x290 [ 119.652447][T10753] ? ext4_mount+0x40/0x40 [ 119.656813][T10753] ? ext4_errno_to_code+0x110/0x110 [ 119.662150][T10753] ext4_mount+0x2d/0x40 [ 119.666301][T10753] legacy_get_tree+0x70/0xc0 [ 119.670890][T10753] vfs_get_tree+0x4a/0x1a0 [ 119.675307][T10753] path_mount+0x11d4/0x1ce0 [ 119.679811][T10753] __se_sys_mount+0x23d/0x2e0 [ 119.684493][T10753] ? mntput+0x45/0x70 [ 119.688476][T10753] __x64_sys_mount+0x63/0x70 [ 119.693213][T10753] do_syscall_64+0x3d/0x90 [ 119.694637][T10754] netlink: 'syz-executor.5': attribute type 3 has an invalid length. [ 119.697634][T10753] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.711580][T10753] RIP: 0033:0x467b0a [ 119.715479][T10753] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.717392][T10755] FAT-fs (loop1): bogus number of FAT sectors [ 119.735121][T10753] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 119.735143][T10753] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 119.735154][T10753] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 119.735205][T10753] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 119.741233][T10755] FAT-fs (loop1): Can't find a valid FAT filesystem [ 119.749612][T10753] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 119.788016][T10753] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 120.058486][T10796] netlink: 'syz-executor.5': attribute type 3 has an invalid length. [ 120.423859][ T1040] loop0: p1 p2 p3 p4 [ 120.427965][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 120.434052][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 120.441909][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 120.449625][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:54 executing program 2 (fault-call:0 fault-nth:67): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:54 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{0x0}], 0x1) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:54 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x7, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x18) recvfrom(0xffffffffffffffff, &(0x7f0000000540)=""/157, 0x9d, 0x40000001, &(0x7f0000000600)=@l2tp6={0xa, 0x0, 0xe17e, @loopback, 0x0, 0x1}, 0x80) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000780)={{0x0, 0x0, 0x3, 0x1, 0x1000, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x12, 0x4, 0xf1b, 0x1, 0x5}}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000019c0)={0x53, 0xfffffffffffffffe, 0xde, 0x1f, @scatter={0x4, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)=""/99, 0x63}, {&(0x7f0000000240)=""/234, 0xea}, {&(0x7f0000001780)=""/234, 0xea}, {&(0x7f00000001c0)=""/35, 0x23}]}, &(0x7f0000001880)="7cadda365895a0622a1cdc251e3f61c15d67f06ab6415ee8348b02bca207c320ffec475c470b73be02d0aaf059d5d234cf0f63c215ddce6f037b1c492ecbeb90aca0dc315862feb85bba7217d5a7597b4c471cb70b4aca94cb941e68128daec96a8558fea9188af8fb38f7ee27b82bc971381f76f9621295170c2da22e1857f7d9f3f5c54fe8ea0b4e77177b3b18c6f5a17ad41a833d0be5f2774f85f1715040e11d70876f3b11b9044aa8f0fe2c39f2235d48124cede7d58e09dd2054537650c6f59634fa513ba123c128f3220e85fafef80cc8497b8cae45fa54756d91", 0x0, 0xb5c, 0x10012, 0x0, &(0x7f0000001980)}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000001c40)={0x1b, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}], 0x5, "60c86aa2240893"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000440)={0x0, 0x0, "4f78d28e221a2bd0f30b2d26f0b118b9184a5ff0ea567f7bfb8edbdb92539c8f2081dd74acfcbf8c2b6045bc4c7eef07761191f0914f3bb109706c4e41be05f88060d2cc8f454a571db35596359fa45ad9c69465cd642407c93971e654d120c8d36658d1580e1740e45b2eb38233ae757279e358e6921e528189978c2eb9c97b9f18ee7d0e7545c9ec858d3f059a144eda6a4d4fe516c11699eaf20566c00d53773673270c14a1d488b29f5cb056590cae67e39a500f1569aef8ca682ab59efc9aebdd8901d3413883da228c4d56e3397241eb7ae2e8f5ef2184337309951e0ab693faf224eddde48ab408b21d5c7d5bdb3fb0bc6f985b089e40db066a09b8ea", "d9c643dfb0e77befd29002f9d1d876fc5e35ca6762c80c305cbc3b49a4b7bdb68950c37ca0f6e2513863cd7e92ed1334b0b04fce1679f41f10d93d14ad2171e39ec372f89b41070fd163095e6757296ec12626423d639cee95bbcc57a80123f73722590e286c0f9345d2710e39df228078683f0e609a415cccbb944a4138ca03a81c552b9c70ed7dc52f45fc57b87899bdff3ca90278f1e97fab974e7b58dc9fde3d0b4838774b47310fbb9581b115523061bada18caaeb337591a093ee0a2bba2a67422c5f7bdb5267c6aaea57b55af51be53b7d720cb43f7da45a3df9374fb68b7849626b78963d08adc252128caacf32b4f685ab24884497801de2c0d3d2d36910f3d10462538d276bfa3db544368e6d660d1f5f9946cc526d2cc135cb86d04f3715ce2e5154a7ab7bf169a7bfd2775bcd5dd7c2f15750879991d93527d75dcf7f50fb827a55f079ddf0ba5ba67ed091f31ad04de165882c229f8aedf29b790dc51f6364890c3df47d3866ff36114e28da2d40ab648eb26996e012ebbbd962c7427cb3ac0dffea94bab9bc053caba95f85807350cdc3cbe83353d7db78b4429024a94c7b6ce871f1e50f22841ec416c4261121271e8329c03308369e70ae6aa3f79fbbf73f861366a078f7cb8c3fba235c4c6a34f8f4ae3e046e64dbe69d3bec6041da35cae0b4891ef947e4ae0c3e07f799a3010aa8ec99098309c589cf1b908cd23f00c52a4359fd20d8c93f1d77e46a679eb08108e628714bb3ec631cc69ba189855d01c21b91b090b3f54483250ede9607e671989530fd6cacd2e76f04b639ab9673038c79365f7f4f8d2023ae47553feaef902acca1056c91fb72c41b44cfee19480cde8e885bcfbd125dc88ed5b43b3bf4279ed7f1a90783d2ca9eb64a60a42cbec08804ef41701ee41f06d467b433e442fe0f0d7e76058bd3136687e08f0f3493c1caea0c8e29c94a7264c6a4f4587f763a56343ec75f8f44b392464c6518a7e22052e040e116a638b67824fea4ed99600d0c51ccab449c746bb6b17f861613791cc557a29dd9d9ec65827d3fb6f069594462db7e0e06aec5ae9bf01ebc8b1127c58db9e842519e2b2abcd5374e2e5ed9ec089fd4fa911ed2f4f937df2686b71a9be370acd35ba379476828bbd71efb9201313fbffbfe99fb34fb1ead5830f1807cae9132f35f8f397db691b9accf46bafb5814094432402350039cbf4b26444d431d52289b4321e63201317141ef4da29ec930ebb52d0578992e17b5eb72699d58cf4a53f312bf33b541fa73a838671e06210fae811ab536cb6cc643c8bfc65ea8ee78eb7f20512251f3f88afb5f5d25f949f71c9c0917cbe5fb728bc467bd0882684aa1672e5ec555f1bb2069a5b40c60d2cc7720f3f26202194f776b6889a76fe7911c766759c910051646fff966e14ce8bd9b0665b55290a81291d8f37bd641c654b07d208acd99c550163feda22faaef4decf088f00ec99560ccd70a259e600f7f305de26c9b12af1c942b90cba00f3a11851b38379a06734498fda144c672c5ca4ea943d33807730306370b41fc2969479ab60d1508f899571e8bdbc01bd54eb2113a2d0b8f30d7e80716d9d6c5562945c3745f2f84f3089cd30ad73c4f64aa6af18c691259fbce3ce64be358db25edf047b0afe59692b9f8241f4ebb7a9a8f576f1dd0a7d56a79b42b83a39f5689758f8e48112bd3f66d48c869049769f487d242dc592b659464c126c7005bd4a75a69f3a8eb0129541c4c2bc49664748475b20df73fe81168d680f3bb5fab77a66d660712024a6d3fa7e59546348d28ac26e53bb4dfb027b7675d16ea5879a62c75f51c100c754e5fe011b53ed7cfc2728b203f0396c1a686fe8405ba706a329ab1dc2a84ea56d851d42ea2ba3f19d87556ecaf5ee5249d1c83b2fb99570a99294e33d855580981c3f791cf8148230789d35199fc54283fc5ddd0954ceaa5bc247513acb2590ff07878b71e9dddf462a8c6d6291f27c876fd2bb463f1f6694d80946a66e0166457551a7b85173d63d589b720f3973fd9635d3463a4f36609b6c2be98ab916df407e8f7290f41c7e0d273dbae1ad169f76dd537ee8ab7b6b736233573877fe1c1c493ac1aaca9209da4a3e1be5d06582eb66b5e8fe4542ba46a9594144328ac76b38e3f2a49b371ae54662f48d53763349c612822e0f4a35a867293438144dcab962329f3217ea760fc1e67176c3a7ec1db301b008b6ae2e430a53f025122f608c3cfc675ef6e3417ca1a2bce4281deb376dd781b2e9c111056b132f1e3151437c5353f158bff052d5c6f8e0eb108e015a347241dc1ad3377cde6d7b04222ec52e1d526aab7af627905cb93b5719f2ee412af951cd2af598df3acca4be15156b1deea31b4a21546ccdc134ae313aac35e6bca5810a28069398d3ec141e6f0ac48d20ca442ff80c371eef574dfc2d8aced34dfc10e3fe9289d370bc9af127a00fefa66621ae951f3f62bd09e26fff0823bcd92c092569001fbc392a4296efcfbfec1706382af230fa64ee9fcf33213c081d12d425abded52d837c9e5bd90e653473b09a9f09be58c0d5f0e44e61fda7032300ae450ba21ca7c0856785ac0574b9825e77c36d511cf6778a6674cf9910b1761aa40ba213f19bbce378032e054dc4be31ec31d61532949bc8da67eb6b2d53bff2c92460fe468ab59c254aa2ecd7e2e758368e94ca97d05fa591706b3e8e482d9e0593c5528099503c797be3a5bf5f745f6ce47c711b931f35a9979aad675e3ce52ad3d4e092fdff62a5713486bb44512535c27a1fab360b350905b4e4b28ec1eafdd499fda367f96540921921bd89d65ad96df9c0ddd9b460dd1e2be4a3277ec161ad60cefcb4186c04b05071654d980d80e55b993f3d7758ac397b0aed65f5bf5e40876052cc6690d8298949017c86ad84641ac85de255c1378008f0aedb11c62e834b842acc2308471cc5601ac34d5ec159109dacf7f2fea04c5512875f1f37467509b00b63a0d0ccaaa65a607be95a0d48a7da2ed7e11fd70656a439968ad1b41a40204bdbfbc5fc127c3835e7b6f291fb3b4a74554b9b0e9c0d49d8f495e9093e4442f8dadab395b7829b9e1b842905648aa894fd3bf3f95ea40091f6cd4ce01ecd3d8321ff3264c7c9ebf1e3b28fd78292c43367c3f7439081c2881579c36612dc4d56281579b10d28e2a9e0ac1354a84e902534c3b2a098ab0b10ffb3d0aba798ef58bc1480059c34414fc01622ddacceb43aca754c1a35eafda64b0a3e8f8b0e612cd811646dcba986ce7a86bf048d39939770bbbeddd5561318d4ca83bd6862ad513153115b29a8a8ff9d8278e7dc196ac48c8a2deab71ccd83d69c7967e7c310bd69311c41363c25d273772570706839aa70523fa0ffcce3637d8ebe80b8277c07b254807bb114bbd9ac462570bdd999e021ccdf135e10233c59e765379c9e58f234dbb321bba181025b520dac778f6138706441276550934d15362835a8777c4451e0b4f72763f1c44f28b97db63400d21fead99a4f33f63fb0d67bb43881d94fe803e941e57c59a4706eaf52fadc731eb5cda7e91d4cb62bd77fb1a719fbcf2a76703d2e843d6a6a855e20b42818b48278f2bd179f499b9f8ca640f6b28c61b2392c1abe4ebca641f871400009aab998380e1a6a21af5b158f6583949d8bdcfb90d6fc51f6f6149dee2ea3f1b7283f8705913130870d4bd07e5ee32547aa151edcf88edd3b29811b1be41d5fc280024e34c1dd56bd41298ac733d566f7d0bb0611002a682a49cd60ea2b12229b80845f5d738b0183a1c397ea7275a8bb410365042a13fcd8be2ae789b8a9bf483a4b50e4337b0077cd28e122939883b5279bc4d94130ebcebfb10f376f4371dc82a6532670b8ba4dcc9c884f20dcd4bdd680dbcde4e6ec168869ddf5a26877f082f52e9b8312854f2f554d3a5978ee963dd54df969635e6cb9ead2b001841532c28fcc666a6a9bd384ce6137d13f3e81669bd681ab5785e08a3a7f511b7dc38876bfc8763170ab401145bcbbbcd752dd5701e1adb1c0289204583cc1a3b92ce22db010bf437794fc02071351beda4a89a681fc9b8696cd64c85c0ce6a13c8ff4fce5df942913c3c839cfcc255a73a86d24acdb5f982ea9004410a3108737639f8b672cc1d0deffbf3d61a12a6de87a8548d2b6b26eceb4a92ca16019635951c1260690ef3115cb18a6420084021f908258f7b4810175b23c9c9f9c59470309ebefd20b1618e130b8b1222f9df5effc99588a58a8a6eb69cf09a549cf74919aae56b7a1a7adf745fc39c4c2c55bda051648752a0a4ea5cd27d132b19f4705ef7df77645b23a90c8afff07ff08d9362c8dae07e1ad1a6192fec5491e89f14ef5738238bac05b45a7b8d7caeb56cdcfb54461c6a7cc5f72562799b5b52a6b0ed22f5075b7af549add74492f30bb734bd328b1582780fc72fbd2676c8d72717202633e28faee589d35170067e8b22697ee1c55ae1e0caee861806e7ac83d655a7c5226bce5e97a0250585c5a9f09941bd4ee7b86f802bd21d5f6d3db50d0ce5e9fa3c4cfd747e39e55c1f5fc1fbffd89a1fcd745e2887d0e51f499c15de4a162e21084a62c755f5732f3652767cf2eadfbd9a7f5e40c40810b7985110c5ab0188a7d1db7e7cb33a86f0b92a090bb441d4cdcb1bbbbccbba9d00326214d7a6e1a223f61995a5e854e1c9b4fb3544437cbbb1719bc4f87e3265f88600f3e6f4b4a13af33022d5165d4ae5e9b4d993e66c50ccbf35e069fa6475c2f21b5bf8dbe45bf383a90612bdee5c2857de6f00ea359a50f059e6e2012b206975e1bdf3140887d96b87ebe91eb97457fa1c8a45fb1b0f469ff14aaa645dd7ec0517fb80430e91f65db1e244f7c592872c52a368415b837d353086996a9a29554b1981b43c2c1fe029f8b453c7a511ed7fee72c0fab18e84525c06a5ddeb1031d1e02e2c0fb8d7d9de1b7d90c9b41d68ac466e6b85749cf06bd5f06c5a4085776030937ef06914d8641d3b7b4ea3f4049db263c7a422a9dd34fd4695599e8529cacf3baf31596de73e242abede187c2764527a5509afe9c7b37151b5bd3388bb83aec0c9b4841b6abea25d2676813de10ab8fac345f48e36b398caad43dcfa3b704e41d0dcf007362839505b397ec4495f3e47a1a68c35b08ad649ab0d0ac0d93b72e86371493d79d854b51a8b0db61069e5e23b8676d152c9e992bd8f27d960ac9bf5295ada72377a1bad405ebed96568a3cd686d4e62d812b83ea84c2d281c2287b55a193e7e888490bb7be318717de83e1548f8f96eab05ac60c42ae752486448b5a9d82ad7c266e20afc3fb14c8038406b50957eaa9d34c00c387f4fdc245058da44c12d49cf6c2a24980c8f460b3d1a312cc0adb80c8"}) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x8, 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001440)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() clone(0x40808000, 0x0, 0x0, 0x0, 0x0) r3 = gettid() tkill(r3, 0x1e) 00:39:54 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000000000", 0x24}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:54 executing program 0: clone3(&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, {0xf}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 122.114888][T10821] loop1: detected capacity change from 0 to 264192 [ 122.122866][T10823] loop2: detected capacity change from 0 to 512 [ 122.130493][ C1] sd 0:0:1:0: [sg0] tag#148 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 122.140798][ C1] sd 0:0:1:0: [sg0] tag#148 CDB: opcode=0xe5 (vendor) [ 122.147596][ C1] sd 0:0:1:0: [sg0] tag#148 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c 00:39:54 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{0x0}], 0x1) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:54 executing program 0: r0 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39ddd8) write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000000000000020002010061329ac126fb5c8e9782a7448e6ea5bb0774a0e6538ebae"], 0x69) close(r0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 122.157091][ C1] sd 0:0:1:0: [sg0] tag#148 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 122.166564][ C1] sd 0:0:1:0: [sg0] tag#148 CDB[20]: ba [ 122.190476][T10823] FAULT_INJECTION: forcing a failure. [ 122.190476][T10823] name failslab, interval 1, probability 0, space 0, times 0 [ 122.203172][T10823] CPU: 1 PID: 10823 Comm: syz-executor.2 Not tainted 5.14.0-rc4-syzkaller #0 00:39:54 executing program 0: lremovexattr(&(0x7f0000000440)='./file0\x00', &(0x7f00000002c0)=@known='user.incfs.id\x00') mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x80000, 0x8, &(0x7f0000000200)=[{&(0x7f0000000100)="200000000002000019000100900100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001000018000000c28500002b02", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000900000c000000dff4ef821ec35de5a68f275e28ea4831010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000050040", 0x29, 0x540}, {&(0x7f0000000040)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010400)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x3fe, 0xc04}, {&(0x7f0000010d00)="ed41000000040000d7f4655fd8f4655fd8f4655f000000000000040020", 0x1d, 0x1500}, {&(0x7f0000000380)="ed4100003c000000d8f4655fd8f4655fd8f4655f000000000000020000000000000000100300000002", 0x29, 0x1f00}, {&(0x7f00000001c0)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012a00)=ANY=[]) mount$bind(&(0x7f0000000340)='./file0\x00', &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x2, 0x0) [ 122.212109][T10823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.222164][T10823] Call Trace: [ 122.225533][T10823] dump_stack_lvl+0xb7/0x103 [ 122.230188][T10823] dump_stack+0x11/0x1a [ 122.234390][T10823] should_fail+0x23c/0x250 [ 122.238903][T10823] ? ext4_fill_super+0x3d/0x7ff0 [ 122.243896][T10823] __should_failslab+0x81/0x90 [ 122.248742][T10823] should_failslab+0x5/0x20 [ 122.253252][T10823] __kmalloc_track_caller+0x64/0x340 [ 122.258545][T10823] ? bdev_name+0x1e1/0x240 [ 122.262963][T10823] kstrdup+0x31/0x70 [ 122.266864][T10823] ext4_fill_super+0x3d/0x7ff0 [ 122.271718][T10823] ? vsnprintf+0xe8f/0xed0 [ 122.276142][T10823] ? snprintf+0x6f/0x90 [ 122.280302][T10823] ? register_shrinker_prepared+0xc2/0xd0 [ 122.286067][T10823] ? set_blocksize+0x197/0x270 [ 122.290900][T10823] mount_bdev+0x1e8/0x290 [ 122.295266][T10823] ? ext4_mount+0x40/0x40 [ 122.299609][T10823] ? ext4_errno_to_code+0x110/0x110 [ 122.304900][T10823] ext4_mount+0x2d/0x40 [ 122.309063][T10823] legacy_get_tree+0x70/0xc0 [ 122.313663][T10823] vfs_get_tree+0x4a/0x1a0 [ 122.318156][T10823] path_mount+0x11d4/0x1ce0 [ 122.322704][T10823] __se_sys_mount+0x23d/0x2e0 [ 122.327390][T10823] ? mntput+0x45/0x70 [ 122.331392][T10823] __x64_sys_mount+0x63/0x70 [ 122.336017][T10823] do_syscall_64+0x3d/0x90 [ 122.340439][T10823] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 122.346351][T10823] RIP: 0033:0x467b0a [ 122.350245][T10823] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.370004][T10823] RSP: 002b:00007f67705dbfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 122.371508][ T1040] loop0: p1 p2 p3 p4 [ 122.378420][T10823] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b0a [ 122.378440][T10823] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f67705dc000 [ 122.398315][T10823] RBP: 00007f67705dc040 R08: 00007f67705dc040 R09: 0000000020000000 [ 122.398669][ T1040] loop0: p1 start 1 is beyond EOD, 00:39:55 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{0x0}], 0x1) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 122.406280][T10823] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 122.406294][T10823] R13: 0000000020000100 R14: 00007f67705dc000 R15: 0000000020000040 [ 122.416623][T10821] FAT-fs (loop1): bogus number of FAT sectors [ 122.419578][ T1040] truncated [ 122.419585][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 122.443846][T10821] FAT-fs (loop1): Can't find a valid FAT filesystem 00:39:55 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 122.470611][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 122.499893][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:55 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:55 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0003}]}) process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x2) r1 = fork() sendmsg$netlink(r0, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}], 0x20}, 0x0) r2 = syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x7ff, 0xa, &(0x7f0000000800)=[{&(0x7f00000000c0)="896671fc6383f91877e2749a59e84126adbafbbdb1c6faf24a2ffed9b7a4a72a30b3a837605ca3bfeade1b6967ad6ed6503b958a6aaaa2d8456a9527672df377d400f921fb9dc4254e7bd3733cef5734bc536fbf71321971141cf4945ce8fceecf619bfe261fb6f00aff5242233f198892fab9e7844664ebd67cc29a6eb4d8448e98ca994c97df8c54299fb56deabe3b022a18ed726255b7fc9b83cc8cfb50c148c4d91f61ec145893f57f9e953ee933c4d4565d", 0xb4, 0x1}, {&(0x7f00000001c0)="392095c1ad66d1156105e888bd82dbadcb8bc87f9b8902b698b99bbfc26a1264365eae78d4d590cb5264316a0c8e77723c25961d7d2fb6dd05c1bfe4d02c08206f51b4a4ada856710d7ed62d965c451d04c62c25be4f46b4d2fc2a88ff8bf197b70b573eab580dfc5f230ed5694f9a55cca48777bddf20839078f95789a078a124f05cce1ebb58d5d51a3c013dc1b131994caacf219cffdb847b73904ff4", 0x9e, 0x9}, {&(0x7f0000000280)="7aac6fe907c22f7bd8393c0865daaaffd73de00e537404e67d62c20b4ea3ad553ccaf5492eca0e329e015fe2db661839d9cb72f9a35b5033aa839bf20d076ff6fe1fcca234bfee073d0aeff243894ec6ff2768f0dbcd17a25afac217b15cda8c8fa73576755a333e2f12229dbc7c0867ae8d346bc12715b847a9", 0x7a, 0x101}, {&(0x7f0000000300)="8ff111b90e13a477f524657a4ffa81b5922864dafe2bf3e63c38df4c0c8f746cd4c12a55d3d8d07f5b6191d587ad3e1d067fe3182caa3f7b77c0c6d3538ddbd0a8b55f241db77bf852834c41942e74b2341b0772f84e0ee8f1b303108744dba9e2066e67378ad28e9e7a9f2e26c9fe28a35663c99dbeb85a68f4ff5e58880dfc3e07748c0831693f9897b637ee34756920b001b579abd712f3ad0d05dab37f74416bf733efc498cb29b8bd7afd90d25460f3d0a2539d3329c610cfdeec3ad3ed6e9668809fae7ef7d8e2643b2b496dde3ed44e310323329e4bda40771e289b25", 0xe0, 0xba}, {&(0x7f0000000400)="57cbe46d87488ebabcd9460abbf1ac905195c0970078278002a0b36ae1e65f22ae2b1900cad71352f246c8b5a9977004f07526c314d4a1167e3dbd6df4ab917c7a211211e1e6d1bfa6e2306b59760a9ff0223e3b58c3a023ef07a19a07580a074040615d5544738a4374228f2f1bb15600fb211724fac6166585140070c14b0d87d180403e22e16ba2ea3f9340aa42e0521f4dd67c3a0ba77984f925e3dbbc209519beae9e3de0f869907417f9c9214af0d5628ffc31d58c2f866b051400a3b67b24cbe4fb3610ec3bc281d46766bdbc8686db355665a76f9cf40d6405cecc7571dff07aec", 0xe5, 0x400}, {&(0x7f0000000500)="e923deb5d8b857e50103c90a3c603a0426843f4e5b08a9790415773b8464b88b89042020377d92bd84cb0ce40b1ad487f769cf9a627372cadc53d35eed7dd86c2a1d21181f96794712e14e06bf9989b48e3f3c26ea7dc57ce396df1767b6c243d855aea1b9165c461ada215f", 0x6c, 0x1f}, {&(0x7f0000000580)="8c2e614a04c0e844bc1c77e53de0208336d3659bfd823533a711d6bc7b4b1b98d98cee7b3f843ff357fe84edd4dd0fb4aaf7a295f7be1763bf06a37128a6fa1499418b8b91b1a4655e537de6696c4b896ee595588eae2b93f21ba496316a9003ae65f094a17eba13fcf157b98cac0fc0a419175ba2fa0ba7f604375cb4aca5347e08fed26692cb1c6037c175cf387888e8535fdd6e30e9de8385c5232011132b41d807e7b67d75e14f54e8112b5ff3ced04a147037043cd44f8e71480401b1f38cdd858d271ea91834", 0xc9, 0x797e}, {&(0x7f0000000680)="5df282dde455bbd165496a85fdd54d9543e472385ee463f4055d64c1100dd60da2b880c5a39c190fbdc235ea48d0192060e4", 0x32, 0x9}, {&(0x7f00000006c0)="908a65f00d3101fd6ea2cea3dfcba2fe3daaf89688c6ac64b32ccca4ab014ce23e60f03af00b2b38ac78ea85d379a5ffe6bef5866a9d85c663188e6e5ef6c6b064febeb4bd30922c2bb9fc6f6694bd48c6c28ffdf8290a7a1ddd4745491c9fb7488f8ac9c5ca76a9a2ef7c5f0a79283acceb32a20fbb029a353ab5e9d65756a98b29e03f258282cc8c75a7d980cdda347ed6b568e1bdf051852ab2ffcd759a85af0d4400ce088d53bb91758506cf0cdd105a2adebd85d7f10c6ca2910c14f8233a57179afb7a7a9a8b2477e5aa52c4474f421ec5b8c230e9d236700a", 0xdc}, {&(0x7f00000007c0)="dce3d6515f4e21d273620be83454b96c6a8911eb84dd3ce47d2e261d2fdefab27c0555", 0x23, 0x54fb}], 0x400, &(0x7f0000000900)={[{@block={'block', 0x3d, 0xc00}}, {@unhide}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@block={'block', 0x3d, 0x800}}, {@mode={'mode', 0x3d, 0xcff3}}, {@nojoliet}], [{@dont_appraise}]}) kcmp(0x0, 0x0, 0x3, r0, r2) [ 122.599550][ T1040] loop0: p1 p2 p3 p4 [ 122.611558][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 122.617588][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 122.627257][ T25] audit: type=1326 audit(1628469595.184:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000 [ 122.685644][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 122.694994][ T25] audit: type=1326 audit(1628469595.204:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=440 compat=0 ip=0x4665e9 code=0x7ffc0000 [ 122.708909][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 122.757766][ T25] audit: type=1326 audit(1628469595.204:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000 [ 122.820286][ T25] audit: type=1326 audit(1628469595.204:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=41 compat=0 ip=0x4665e9 code=0x7ffc0000 [ 122.850147][ T1040] loop0: p1 p2 p3 p4 [ 122.863599][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 122.869607][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 122.883239][ T25] audit: type=1326 audit(1628469595.204:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000 [ 122.905336][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 122.934486][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 122.962189][ T25] audit: type=1326 audit(1628469595.204:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x4665e9 code=0x7ffc0000 [ 123.003617][ T1040] loop0: p1 p2 p3 p4 [ 123.007781][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 123.013869][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 123.017329][ T25] audit: type=1326 audit(1628469595.214:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000 [ 123.041315][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 123.058245][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 123.075761][ T25] audit: type=1326 audit(1628469595.214:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=46 compat=0 ip=0x4665e9 code=0x7ffc0000 00:39:55 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000000000", 0x24}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:55 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 123.126724][ T25] audit: type=1326 audit(1628469595.214:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000 [ 123.153062][ T25] audit: type=1326 audit(1628469595.214:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=10866 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=319 compat=0 ip=0x4665e9 code=0x7ffc0000 00:39:55 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:55 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x7, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x18) recvfrom(0xffffffffffffffff, &(0x7f0000000540)=""/157, 0x9d, 0x40000001, &(0x7f0000000600)=@l2tp6={0xa, 0x0, 0xe17e, @loopback, 0x0, 0x1}, 0x80) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000780)={{0x0, 0x0, 0x3, 0x1, 0x1000, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x12, 0x4, 0xf1b, 0x1, 0x5}}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000019c0)={0x53, 0xfffffffffffffffe, 0xde, 0x1f, @scatter={0x4, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)=""/99, 0x63}, {&(0x7f0000000240)=""/234, 0xea}, {&(0x7f0000001780)=""/234, 0xea}, {&(0x7f00000001c0)=""/35, 0x23}]}, &(0x7f0000001880)="7cadda365895a0622a1cdc251e3f61c15d67f06ab6415ee8348b02bca207c320ffec475c470b73be02d0aaf059d5d234cf0f63c215ddce6f037b1c492ecbeb90aca0dc315862feb85bba7217d5a7597b4c471cb70b4aca94cb941e68128daec96a8558fea9188af8fb38f7ee27b82bc971381f76f9621295170c2da22e1857f7d9f3f5c54fe8ea0b4e77177b3b18c6f5a17ad41a833d0be5f2774f85f1715040e11d70876f3b11b9044aa8f0fe2c39f2235d48124cede7d58e09dd2054537650c6f59634fa513ba123c128f3220e85fafef80cc8497b8cae45fa54756d91", 0x0, 0xb5c, 0x10012, 0x0, &(0x7f0000001980)}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000001c40)={0x1b, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}], 0x5, "60c86aa2240893"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000440)={0x0, 0x0, "4f78d28e221a2bd0f30b2d26f0b118b9184a5ff0ea567f7bfb8edbdb92539c8f2081dd74acfcbf8c2b6045bc4c7eef07761191f0914f3bb109706c4e41be05f88060d2cc8f454a571db35596359fa45ad9c69465cd642407c93971e654d120c8d36658d1580e1740e45b2eb38233ae757279e358e6921e528189978c2eb9c97b9f18ee7d0e7545c9ec858d3f059a144eda6a4d4fe516c11699eaf20566c00d53773673270c14a1d488b29f5cb056590cae67e39a500f1569aef8ca682ab59efc9aebdd8901d3413883da228c4d56e3397241eb7ae2e8f5ef2184337309951e0ab693faf224eddde48ab408b21d5c7d5bdb3fb0bc6f985b089e40db066a09b8ea", "d9c643dfb0e77befd29002f9d1d876fc5e35ca6762c80c305cbc3b49a4b7bdb68950c37ca0f6e2513863cd7e92ed1334b0b04fce1679f41f10d93d14ad2171e39ec372f89b41070fd163095e6757296ec12626423d639cee95bbcc57a80123f73722590e286c0f9345d2710e39df228078683f0e609a415cccbb944a4138ca03a81c552b9c70ed7dc52f45fc57b87899bdff3ca90278f1e97fab974e7b58dc9fde3d0b4838774b47310fbb9581b115523061bada18caaeb337591a093ee0a2bba2a67422c5f7bdb5267c6aaea57b55af51be53b7d720cb43f7da45a3df9374fb68b7849626b78963d08adc252128caacf32b4f685ab24884497801de2c0d3d2d36910f3d10462538d276bfa3db544368e6d660d1f5f9946cc526d2cc135cb86d04f3715ce2e5154a7ab7bf169a7bfd2775bcd5dd7c2f15750879991d93527d75dcf7f50fb827a55f079ddf0ba5ba67ed091f31ad04de165882c229f8aedf29b790dc51f6364890c3df47d3866ff36114e28da2d40ab648eb26996e012ebbbd962c7427cb3ac0dffea94bab9bc053caba95f85807350cdc3cbe83353d7db78b4429024a94c7b6ce871f1e50f22841ec416c4261121271e8329c03308369e70ae6aa3f79fbbf73f861366a078f7cb8c3fba235c4c6a34f8f4ae3e046e64dbe69d3bec6041da35cae0b4891ef947e4ae0c3e07f799a3010aa8ec99098309c589cf1b908cd23f00c52a4359fd20d8c93f1d77e46a679eb08108e628714bb3ec631cc69ba189855d01c21b91b090b3f54483250ede9607e671989530fd6cacd2e76f04b639ab9673038c79365f7f4f8d2023ae47553feaef902acca1056c91fb72c41b44cfee19480cde8e885bcfbd125dc88ed5b43b3bf4279ed7f1a90783d2ca9eb64a60a42cbec08804ef41701ee41f06d467b433e442fe0f0d7e76058bd3136687e08f0f3493c1caea0c8e29c94a7264c6a4f4587f763a56343ec75f8f44b392464c6518a7e22052e040e116a638b67824fea4ed99600d0c51ccab449c746bb6b17f861613791cc557a29dd9d9ec65827d3fb6f069594462db7e0e06aec5ae9bf01ebc8b1127c58db9e842519e2b2abcd5374e2e5ed9ec089fd4fa911ed2f4f937df2686b71a9be370acd35ba379476828bbd71efb9201313fbffbfe99fb34fb1ead5830f1807cae9132f35f8f397db691b9accf46bafb5814094432402350039cbf4b26444d431d52289b4321e63201317141ef4da29ec930ebb52d0578992e17b5eb72699d58cf4a53f312bf33b541fa73a838671e06210fae811ab536cb6cc643c8bfc65ea8ee78eb7f20512251f3f88afb5f5d25f949f71c9c0917cbe5fb728bc467bd0882684aa1672e5ec555f1bb2069a5b40c60d2cc7720f3f26202194f776b6889a76fe7911c766759c910051646fff966e14ce8bd9b0665b55290a81291d8f37bd641c654b07d208acd99c550163feda22faaef4decf088f00ec99560ccd70a259e600f7f305de26c9b12af1c942b90cba00f3a11851b38379a06734498fda144c672c5ca4ea943d33807730306370b41fc2969479ab60d1508f899571e8bdbc01bd54eb2113a2d0b8f30d7e80716d9d6c5562945c3745f2f84f3089cd30ad73c4f64aa6af18c691259fbce3ce64be358db25edf047b0afe59692b9f8241f4ebb7a9a8f576f1dd0a7d56a79b42b83a39f5689758f8e48112bd3f66d48c869049769f487d242dc592b659464c126c7005bd4a75a69f3a8eb0129541c4c2bc49664748475b20df73fe81168d680f3bb5fab77a66d660712024a6d3fa7e59546348d28ac26e53bb4dfb027b7675d16ea5879a62c75f51c100c754e5fe011b53ed7cfc2728b203f0396c1a686fe8405ba706a329ab1dc2a84ea56d851d42ea2ba3f19d87556ecaf5ee5249d1c83b2fb99570a99294e33d855580981c3f791cf8148230789d35199fc54283fc5ddd0954ceaa5bc247513acb2590ff07878b71e9dddf462a8c6d6291f27c876fd2bb463f1f6694d80946a66e0166457551a7b85173d63d589b720f3973fd9635d3463a4f36609b6c2be98ab916df407e8f7290f41c7e0d273dbae1ad169f76dd537ee8ab7b6b736233573877fe1c1c493ac1aaca9209da4a3e1be5d06582eb66b5e8fe4542ba46a9594144328ac76b38e3f2a49b371ae54662f48d53763349c612822e0f4a35a867293438144dcab962329f3217ea760fc1e67176c3a7ec1db301b008b6ae2e430a53f025122f608c3cfc675ef6e3417ca1a2bce4281deb376dd781b2e9c111056b132f1e3151437c5353f158bff052d5c6f8e0eb108e015a347241dc1ad3377cde6d7b04222ec52e1d526aab7af627905cb93b5719f2ee412af951cd2af598df3acca4be15156b1deea31b4a21546ccdc134ae313aac35e6bca5810a28069398d3ec141e6f0ac48d20ca442ff80c371eef574dfc2d8aced34dfc10e3fe9289d370bc9af127a00fefa66621ae951f3f62bd09e26fff0823bcd92c092569001fbc392a4296efcfbfec1706382af230fa64ee9fcf33213c081d12d425abded52d837c9e5bd90e653473b09a9f09be58c0d5f0e44e61fda7032300ae450ba21ca7c0856785ac0574b9825e77c36d511cf6778a6674cf9910b1761aa40ba213f19bbce378032e054dc4be31ec31d61532949bc8da67eb6b2d53bff2c92460fe468ab59c254aa2ecd7e2e758368e94ca97d05fa591706b3e8e482d9e0593c5528099503c797be3a5bf5f745f6ce47c711b931f35a9979aad675e3ce52ad3d4e092fdff62a5713486bb44512535c27a1fab360b350905b4e4b28ec1eafdd499fda367f96540921921bd89d65ad96df9c0ddd9b460dd1e2be4a3277ec161ad60cefcb4186c04b05071654d980d80e55b993f3d7758ac397b0aed65f5bf5e40876052cc6690d8298949017c86ad84641ac85de255c1378008f0aedb11c62e834b842acc2308471cc5601ac34d5ec159109dacf7f2fea04c5512875f1f37467509b00b63a0d0ccaaa65a607be95a0d48a7da2ed7e11fd70656a439968ad1b41a40204bdbfbc5fc127c3835e7b6f291fb3b4a74554b9b0e9c0d49d8f495e9093e4442f8dadab395b7829b9e1b842905648aa894fd3bf3f95ea40091f6cd4ce01ecd3d8321ff3264c7c9ebf1e3b28fd78292c43367c3f7439081c2881579c36612dc4d56281579b10d28e2a9e0ac1354a84e902534c3b2a098ab0b10ffb3d0aba798ef58bc1480059c34414fc01622ddacceb43aca754c1a35eafda64b0a3e8f8b0e612cd811646dcba986ce7a86bf048d39939770bbbeddd5561318d4ca83bd6862ad513153115b29a8a8ff9d8278e7dc196ac48c8a2deab71ccd83d69c7967e7c310bd69311c41363c25d273772570706839aa70523fa0ffcce3637d8ebe80b8277c07b254807bb114bbd9ac462570bdd999e021ccdf135e10233c59e765379c9e58f234dbb321bba181025b520dac778f6138706441276550934d15362835a8777c4451e0b4f72763f1c44f28b97db63400d21fead99a4f33f63fb0d67bb43881d94fe803e941e57c59a4706eaf52fadc731eb5cda7e91d4cb62bd77fb1a719fbcf2a76703d2e843d6a6a855e20b42818b48278f2bd179f499b9f8ca640f6b28c61b2392c1abe4ebca641f871400009aab998380e1a6a21af5b158f6583949d8bdcfb90d6fc51f6f6149dee2ea3f1b7283f8705913130870d4bd07e5ee32547aa151edcf88edd3b29811b1be41d5fc280024e34c1dd56bd41298ac733d566f7d0bb0611002a682a49cd60ea2b12229b80845f5d738b0183a1c397ea7275a8bb410365042a13fcd8be2ae789b8a9bf483a4b50e4337b0077cd28e122939883b5279bc4d94130ebcebfb10f376f4371dc82a6532670b8ba4dcc9c884f20dcd4bdd680dbcde4e6ec168869ddf5a26877f082f52e9b8312854f2f554d3a5978ee963dd54df969635e6cb9ead2b001841532c28fcc666a6a9bd384ce6137d13f3e81669bd681ab5785e08a3a7f511b7dc38876bfc8763170ab401145bcbbbcd752dd5701e1adb1c0289204583cc1a3b92ce22db010bf437794fc02071351beda4a89a681fc9b8696cd64c85c0ce6a13c8ff4fce5df942913c3c839cfcc255a73a86d24acdb5f982ea9004410a3108737639f8b672cc1d0deffbf3d61a12a6de87a8548d2b6b26eceb4a92ca16019635951c1260690ef3115cb18a6420084021f908258f7b4810175b23c9c9f9c59470309ebefd20b1618e130b8b1222f9df5effc99588a58a8a6eb69cf09a549cf74919aae56b7a1a7adf745fc39c4c2c55bda051648752a0a4ea5cd27d132b19f4705ef7df77645b23a90c8afff07ff08d9362c8dae07e1ad1a6192fec5491e89f14ef5738238bac05b45a7b8d7caeb56cdcfb54461c6a7cc5f72562799b5b52a6b0ed22f5075b7af549add74492f30bb734bd328b1582780fc72fbd2676c8d72717202633e28faee589d35170067e8b22697ee1c55ae1e0caee861806e7ac83d655a7c5226bce5e97a0250585c5a9f09941bd4ee7b86f802bd21d5f6d3db50d0ce5e9fa3c4cfd747e39e55c1f5fc1fbffd89a1fcd745e2887d0e51f499c15de4a162e21084a62c755f5732f3652767cf2eadfbd9a7f5e40c40810b7985110c5ab0188a7d1db7e7cb33a86f0b92a090bb441d4cdcb1bbbbccbba9d00326214d7a6e1a223f61995a5e854e1c9b4fb3544437cbbb1719bc4f87e3265f88600f3e6f4b4a13af33022d5165d4ae5e9b4d993e66c50ccbf35e069fa6475c2f21b5bf8dbe45bf383a90612bdee5c2857de6f00ea359a50f059e6e2012b206975e1bdf3140887d96b87ebe91eb97457fa1c8a45fb1b0f469ff14aaa645dd7ec0517fb80430e91f65db1e244f7c592872c52a368415b837d353086996a9a29554b1981b43c2c1fe029f8b453c7a511ed7fee72c0fab18e84525c06a5ddeb1031d1e02e2c0fb8d7d9de1b7d90c9b41d68ac466e6b85749cf06bd5f06c5a4085776030937ef06914d8641d3b7b4ea3f4049db263c7a422a9dd34fd4695599e8529cacf3baf31596de73e242abede187c2764527a5509afe9c7b37151b5bd3388bb83aec0c9b4841b6abea25d2676813de10ab8fac345f48e36b398caad43dcfa3b704e41d0dcf007362839505b397ec4495f3e47a1a68c35b08ad649ab0d0ac0d93b72e86371493d79d854b51a8b0db61069e5e23b8676d152c9e992bd8f27d960ac9bf5295ada72377a1bad405ebed96568a3cd686d4e62d812b83ea84c2d281c2287b55a193e7e888490bb7be318717de83e1548f8f96eab05ac60c42ae752486448b5a9d82ad7c266e20afc3fb14c8038406b50957eaa9d34c00c387f4fdc245058da44c12d49cf6c2a24980c8f460b3d1a312cc0adb80c8"}) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x8, 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001440)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() clone(0x40808000, 0x0, 0x0, 0x0, 0x0) r3 = gettid() tkill(r3, 0x1e) [ 123.241333][T10905] loop2: detected capacity change from 0 to 512 [ 123.266074][T10902] loop1: detected capacity change from 0 to 264192 [ 123.301962][ C1] sd 0:0:1:0: [sg0] tag#183 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 123.312265][ C1] sd 0:0:1:0: [sg0] tag#183 CDB: opcode=0xe5 (vendor) [ 123.319030][ C1] sd 0:0:1:0: [sg0] tag#183 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 123.328555][ C1] sd 0:0:1:0: [sg0] tag#183 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 123.338076][ C1] sd 0:0:1:0: [sg0] tag#183 CDB[20]: ba 00:39:55 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:55 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fd9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 123.343980][T10905] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: none. [ 123.346041][T10902] FAT-fs (loop1): bogus number of FAT sectors [ 123.361626][T10902] FAT-fs (loop1): Can't find a valid FAT filesystem 00:39:55 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000007a26be13a3e54793a06144844754f61995a9b7c8a752f86e412edf06baefdc1df987c13b831432fea4920ae324a3ad2f1b7919466c1187cbd5871ec2f784677b49298d78414acdc99845327b77e90eae32649d6e6c6924bf9bd71fdcea2c79", @ANYRES16=r2, @ANYBLOB="012000000000000000ee03000000020002000500000006000b000a000000"], 0x24}}, 0x0) sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00082cbd7000fddbdf250100000008000c00020000000800020007000000060001002400000042196f095bee0001a6f405815df17378ec3f2e9f4ada50d5eaf4c224f9dc335ebe1921f79b0716f48d11ac1cb0845d53d3164bcc33a9c7d0e607ddababd2fd190cd150304c90358936dc4d85b07363c46a7b6844abb439beccf68ea7b57cef40db5e4760110d768eecd237665b78ed5fed291ea9f2534250a6a9c6f5f109626de706f32fa5f262da2890a3163824c36168610e8ade8b589421643a7f4992deebba07d5e0ef2e7c6798abfcc219dc40fc4376a4132634e109d0bb9e95a0e869a1ae975848b4e34d34a64bcab1183178f23e6569f87f1548536324f602917fadae471d22680186c8d28e859c5c3142328101db2a32f29124ad7865e591a9b89d3cda702be656c7da81917690ab7f56e6a7b01d1db808840b9a61ae2c4055e84a190bbd9959f01834d74552983512ce61610856587d"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r4, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280), 0x0, &(0x7f0000000540)=[@cred={{0x1c}}], 0x20}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r8, &(0x7f0000000200)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @multicast}, 0x14) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x60840}, 0xc, &(0x7f0000000700)={&(0x7f0000000a00)={0x2d0, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [{{0x8}, {0x1f0, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8f}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7f8}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r6}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x800}}, {0x8, 0x6, r9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}]}}]}, 0x2d0}}, 0x4801) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADDDEF(r10, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)={0x48, r2, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x8090) recvmmsg(r5, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x0, 0x0) 00:39:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 123.438698][T10923] loop2: detected capacity change from 0 to 66 [ 123.474718][T10923] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:56 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x2) fallocate(r0, 0x42, 0x3, 0x9) r1 = fork() r2 = socket$unix(0x1, 0x5, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r3) r4 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r6, 0x0) preadv(r6, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x500}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000004030d5225344c3ee15e3c92373c85dd149c09db8d1a7fbbd1da4d9119963ffe6a1eb77e4835c0bffd4ab2a69f60c8c779ae4aef419821f662fd6f24dd54a0cdf51d3a2a9d72734512772332599ff6796e0085250d470cb569e352ac94d02f5b943aead232e89a8813080dc8c32732a82e0ae7c5d1f87ff571539ed2160373f9d9af11cfa84ebbee03a6b26ea29f0e4f72944328992e9ea09ac6ac1ab235e317391171573222fc32c6493d7a40559fadb48ae746eaf46925b6428354299d8f981554992f8e35df8bddd893bab9042df86c18326835cfe335629f86b79e6a6708b09e6b12b2ab64a7c3a61d220", @ANYRES16=r7, @ANYBLOB="000027bd7000fddbdf250900000008003c000002000008003a007912902208000b00ff7f0000050035007f000000"], 0x34}, 0x1, 0x0, 0x0, 0x44060}, 0x4040) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x20, 0x7, 0x661a80, 0x800, {{0xc, 0x4, 0x3, 0x28, 0x30, 0x65, 0x0, 0x43, 0x4, 0x0, @local, @remote, {[@cipso={0x86, 0x6}, @ssrr={0x89, 0xb, 0x8, [@broadcast, @broadcast]}, @generic={0x89, 0xa, "5071d5deb50131a6"}]}}}}}) sendmsg$BATADV_CMD_GET_ORIGINATORS(r6, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x5c, r7, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8000}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x3}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xf5ce}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xfffffffa}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44840}, 0x20000000) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, r7, 0x4, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xf3}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfff}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x4881}, 0x2) setregid(0x0, r5) sendmsg$netlink(r0, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r1, r3, r5}}}], 0x40}, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x8000) syz_open_dev$vcsa(&(0x7f0000000000), 0x2, 0x200000) [ 123.542373][T10923] loop2: detected capacity change from 0 to 66 [ 123.554928][T10923] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee0796", 0x17}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:56 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fda, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee0796", 0x17}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 123.688006][T10967] loop2: detected capacity change from 0 to 66 [ 123.710383][T10967] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 123.781777][T10967] loop2: detected capacity change from 0 to 66 [ 123.788815][T10967] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:56 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:56 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f800002000400070b521170000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x2000000, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./bus\x00', 0x1aa8f8d843315c41, 0x4) ftruncate(r0, 0x800) syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lseek(r0, 0x1200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x108d1521) sendfile(r0, r1, 0x0, 0x8400fffffffa) 00:39:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee0796", 0x17}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:56 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fdb, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:56 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x340a}]}, 0x6c}}, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000180)=0x1, 0x4) sendfile(r3, r1, 0x0, 0x100000314) [ 124.110451][T10991] loop2: detected capacity change from 0 to 66 [ 124.114642][T10994] loop1: detected capacity change from 0 to 264192 [ 124.136656][T10991] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 124.208386][T10991] loop2: detected capacity change from 0 to 66 [ 124.216335][T10991] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:56 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200000008000000006000000600000000f00000000000040000020000000d2f4655fd2b4655f0500ffff53efb9d52e5d6a969a35f6f48d1eebfea4bb183fdf691473e416d257d4c0e2f252cb3f5ee1f616eed39e93d88508cd73b9ade57468b49e2d96e8fc9415dc976584be9d40abfcb44e83374bd02a8a502897544c36a862e1b3d9b028536c9bb7a5103eab9c66ed145c96221a0949b7da50805b0f8ac776ae7c5b1450e20b8e1208ce939b9df16c00"/190, 0xbe, 0x400}], 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="5299d66ea4b9478485c3f35c1fe22e66"]) 00:39:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41b", 0x23}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:56 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fdc, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 124.327101][ T1040] loop0: p1 p2 p3 p4 [ 124.331420][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 124.337441][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 124.346671][T11016] loop2: detected capacity change from 0 to 66 [ 124.353868][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 124.364206][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:56 executing program 5: set_mempolicy(0x2, &(0x7f0000000140)=0x1, 0x7) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg$unix(r0, &(0x7f0000001c80)=[{{&(0x7f0000000040), 0x6e, &(0x7f0000001740)=[{&(0x7f0000000200)=""/170, 0xaa}, {&(0x7f00000000c0)=""/110, 0x6e}, {&(0x7f00000002c0)=""/103, 0x67}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/176, 0xb0}, {&(0x7f0000001400)=""/116, 0x74}, {&(0x7f0000001480)=""/140, 0x8c}, {&(0x7f0000001540)=""/157, 0x9d}, {&(0x7f0000001600)=""/18, 0x12}, {&(0x7f0000001640)=""/237, 0xed}], 0xa, &(0x7f0000001800)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f0000001880)=@abs, 0x6e, &(0x7f0000001c00)=[{&(0x7f0000001900)=""/77, 0x4d}, {&(0x7f0000001980)=""/190, 0xbe}, {&(0x7f0000001a40)=""/101, 0x65}, {&(0x7f0000001ac0)=""/43, 0x2b}, {&(0x7f0000001b00)=""/248, 0xf8}], 0x5}}], 0x2, 0x40, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) 00:39:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41b", 0x23}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41b", 0x23}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 124.372460][T11016] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:57 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x16d, &(0x7f0000000140)="8d31e183156939000000e28c0b1dd2a357b264c8745b78376e18cd3d3dfcb946cf880c4a081ceeb24ac13830c1beaa1b4dc69190f8d2802fab69347b9a915308c4829b4b43353c485f8bb2965cd7e1292aaa638fd07b603f75f92e594a37c9686d403d3a82d09ec2e57d3c3ec2107496b2dd4837334f73c36edfd46003eb96a9c7645adde76e8ac90dba5bdc53cd43235210b2e21df4f23e22471e2d53415f8f4151d0b915d0c68708733778513261f1e9624ff6255e8a96381e1d1ff7adcc95d49b4e5a7f1457a8ec3fbcf90aed32eb81ca8577739e85c38503528ab9818eb4c8cdbd1b46b8f461f29cc47a0b93b23a8712b51b07d4a26f52e37145eb425b621cb714f901ae3a69c95c024661cdb8c51949ad0aa9e626f04e85cb114ac5411d44491933cdc3f7ac96ec052b60dc1c2a9dee77dad1300cf46d538ee9f92728553c4a1dd0b71282b99e2f196269300db8635bbc48fe5eeca8ca5cfdb4ec11ef6bbd94e3cbdb2e9dfbaa53c9584f"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x100010, 0xffffffffffffffff, 0x400fd000) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) wait4(0x0, 0x0, 0x0, 0x0) r1 = gettid() gettid() r2 = socket$netlink(0x10, 0x3, 0x2) r3 = fork() sendmsg$netlink(r2, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r3, 0xee01, 0xee00}}}], 0x20}, 0x0) ptrace$setregs(0xf, r1, 0x0, &(0x7f0000000380)="c97391003ffb142a2beaabe72417d01546cb620a9c9146178b241680f1a45d00408e82bf2e178781678c2e641fd9714c18e48f35fd29697c4fe2656d1f66548a130dabd10f245d22dccb83262e0d59381b6a7b4518ce26d55b45b76c04ce260ca807ad9c62d82b9744d97714c4040542395a2f60174ff167f9ae2e33a6a9b22a9ebe57a6425166a091087c7c02f11acddf665cd42494149a6b18e65ba9856809d1787b04ae46ca1b86cd6e9d01942d620f41afd74478c0af20c26e5f9596a453a7c9808c5ba7db3274f4c3608ee09af386f4ee2bca78bfc9e744ca19990f4778e1ed45d5177f903b5af137") wait4(r3, &(0x7f0000000480), 0x2, &(0x7f00000002c0)) tkill(r1, 0x34) [ 124.421825][T11016] loop2: detected capacity change from 0 to 66 [ 124.430200][T11016] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 124.519587][ T1040] loop0: p1 p2 p3 p4 [ 124.523674][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 124.529650][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 124.539246][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 124.547434][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 124.573095][ T1040] loop0: p1 p2 p3 p4 [ 124.577174][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 124.583219][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 124.591817][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 124.599596][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:57 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:57 executing program 5: munmap(&(0x7f0000fff000/0x1000)=nil, 0x1000) shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ffc000/0x4000)=nil) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) 00:39:57 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fdd, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:57 executing program 0: r0 = socket(0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @link_local}, 0x0, {0x2, 0x0, @multicast1}}) recvmmsg$unix(r0, &(0x7f0000004080)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/175, 0xaf}], 0x1}}, {{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000280)=""/216, 0xd8}, {&(0x7f0000000380)=""/193, 0xc1}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000000180)=""/172, 0xac}], 0x4, &(0x7f00000014c0)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}}, {{&(0x7f0000001500), 0x6e, &(0x7f00000019c0)=[{&(0x7f0000001580)=""/246, 0xf6}, {&(0x7f0000001680)=""/205, 0xcd}, {&(0x7f0000001780)=""/138, 0x8a}, {&(0x7f0000001840)=""/92, 0x5c}, {&(0x7f00000018c0)=""/244, 0xf4}], 0x5, &(0x7f0000001a40)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x158}}, {{&(0x7f0000001bc0)=@abs, 0x6e, &(0x7f0000002cc0)=[{&(0x7f0000001c40)=""/77, 0x4d}, {&(0x7f0000001cc0)=""/4096, 0x1000}], 0x2, &(0x7f0000002d00)}}, {{0x0, 0x0, &(0x7f0000002e00)=[{&(0x7f0000002d40)=""/184, 0xb8}], 0x1}}, {{&(0x7f0000002e40)=@abs, 0x6e, &(0x7f0000003f40)=[{&(0x7f0000002ec0)=""/107, 0x6b}, {&(0x7f0000002f40)=""/4096, 0x1000}], 0x2, &(0x7f0000003f80)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}}], 0x6, 0x40000040, &(0x7f0000004200)) sendmsg$AUDIT_USER_AVC(r1, &(0x7f0000004340)={&(0x7f0000004240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000004300)={&(0x7f0000004280)={0x80, 0x453, 0x400, 0x70bd29, 0x25dfdbfc, "9219db7581284abc309e21ffc57ef446d5183e0d795b90b1588545a626c5007761fd798652d9a4699624e8506aa65c9cf255c21a5a992b3001f4cb5c17411f11f0425e6748a8d495059375988e41dcc3b54e40872432505ef45c1a844a39ffe7cd28e4c980606b57049ca61ccacbb743", [""]}, 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000004) 00:39:57 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43", 0x29}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:57 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x3}, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x0, 0x11, r0, 0x0) fork() pidfd_open(0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x4010, r0, 0x0) 00:39:57 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43", 0x29}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 125.011757][T11075] loop2: detected capacity change from 0 to 66 [ 125.026460][T11075] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:57 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43", 0x29}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:57 executing program 3: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x46800) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000140)={0x0, 0x0, 0x100000000, 0xffffffff}) pwritev2(r0, &(0x7f0000000680)=[{&(0x7f0000000bc0)='a', 0x1}], 0x1, 0x0, 0x0, 0x8) r1 = accept4(r0, &(0x7f0000000240)=@ipx, &(0x7f0000000100)=0x80, 0x800) sendmmsg$unix(r1, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000002c0)="ee0b680c3e3cdb81265d0b269c5078e18124ab7d5a27ad5790142a52b82a103a6de8b52f31ae87", 0x27}, {&(0x7f0000000340)="ee9707f50839c55e877025ad74ae7dce3949d5dc8c150cfb1a1625372959df242e727bad54c29d5372a97adb3770cb0d461eb6c8e40d84accc95f0a84f4441720e7bf442cb4dc50a5113d02691cc6c801288d1d18837a9abd6cd8c73105762e7d108d0d012af0130535b3ae6398d80fa9e9562df983b8a28326410ff0752eb6d868709f5b164627a5efe357572de4a7cd1bcb781e236039ea740f44b5861094c405e03aa24678181940d55c6d645a9058641a416398b0bd4a1c6c809fdd085ac43a1271e65", 0xc5}, {&(0x7f0000000440)="20549b33fbd177c2f907e3bf66bed3523e1030182a305fe5708f3a3ceff1a68daeabe0730f2f0f7f8849cfcf01b399df9e73e0c9f62e5501a3a953f63229460e4ce3e5e30d2315cb9593d59bf93efa299c9101d87088d27c2eb1209209ec5aba08e35f8f481442d6fe5185c956d468c1b3be0e22f7ddebd73214cac8018a29dbe4f9c77d6f1c4f7c8047a6a4cc7d44f45078c6fb7edca9b82298ebed72096b196082edffa20a5a1f180222329b45a029bb1bc5feaf93e790ed3dd8ca5d44f908a7edffa098860feb2dc59e07522cf5017778936b28f1ca84693cbc174ef8e2d6f040e50cd191bee7c4b63e", 0xeb}, {&(0x7f0000000540)="f075ccf034abdf2857f3e7a1c63904dea65927061858526053068fc68b8585e6ddd32d131caf97cefc2231909e90637a2a4178c3cced15a6f69d450ebe2b628829733047a6f85790a7cc625b08a983907b84b143be23e6410e73f930806a6e2664b2e7efae368789b9d82823194c9a235fe47cc093bccf672589657a32a4baf7f8c3c6461f3b116e714efd9aa1feaad7f8143f0ee6bb7988f21629eb3edb036e73de0b15a74f54c9e23e14873dafdd92dbcb6576253ba9fbaae302f87478027f04862f85ba1758822f889193af76f4399813d335f7fd6f7ba02daea306bcd7e2f1c69d98964fe5daf81d662207695418374615", 0xf3}, {&(0x7f0000000640)="379571dc0d3b0e444ef8a4b8a47cb3f66334788fef958650745b2443d107d76e386023f5", 0x24}], 0x5, &(0x7f0000000740)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}], 0x40, 0x40000}}, {{&(0x7f0000000780)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f00000009c0)=[{&(0x7f0000000800)="80850d7d3e00952d0e067141348f651c4a794dbcf36bed5114204ee53d291284068322aa08ff4cb3df0be37f0a6e759df5acd8bdec2f4c95189fb621966085a66fa7ba2f6a21eefa97cd6aa3b244b797881fd7dceacf8995bf7de17004497dc0c1f1f9b472699477d2e92336edd7bb785d664e96c37c78d994228b7d655d390d6a8e14022b9b582dda175d064a5dfb4bd1e157efda5b52d342796c074600bed6bf6515056b355679650dc6d4e7980c88bedc441d01e04d9475f928814d", 0xbd}, {&(0x7f00000008c0)="3a927c55", 0x4}, {&(0x7f0000000900)="909112c822951585df5e970686011ff011326014dea46f97aec7bdd89ea6ba29fb9f2ba00e6adfe9d8b365cdb07f5867b40a9b006079a83d09126779e0b50d06b7ed3a0d13d78259d6aeb530eda695f37ccfd5", 0x53}, {&(0x7f0000000980)="dbe88c2363d1a01c47727c18a0a6d4cc1afc3f972233ba7804217d437e9b46f9", 0x20}], 0x4, 0x0, 0x0, 0x40011}}], 0x2, 0x4000) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x1db, @remote, 0x6}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000180)="631ca081346fb4ac20732ef903bc31301961cb33f0288ac86ac3c9595a0ff29f42677dabbe7d7eba9b90997fbd00bf3e17fd5d7b919ffd1a9435b37fec3aed6aff5fcd15abd35298a51786395cdd7876dfc1b0cf88f44b5c275519521149e11a8495eea41b4e5265529049628281e383ea5e67810a1841f2c71364d22aab6e9796ada3146c", 0x85, 0x48000, &(0x7f00000000c0)={0xa, 0x4e22, 0x6, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x10001}, 0x1c) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x80001) bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0xfffffe36, @private0, 0xffff}, 0x1c) 00:39:57 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x2000, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000300)=[{&(0x7f0000000200)=""/85, 0x55}, {&(0x7f0000000280)=""/100, 0x64}, {&(0x7f0000000140)=""/37, 0x25}], 0x3, 0xd9f, 0x0) write$binfmt_script(r0, &(0x7f0000000200)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="3801000010001307000000000000002000fc0100000000006462092c00000000000000000000000800"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000200000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) 00:39:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000d3f4655fd4f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000000400000066000f", 0xf, 0x800}, {&(0x7f0000010400)="ffffff03000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x802, 0x1000}, {&(0x7f0000011500)="ed41000000080000d3f4655fd3f4655fd3f4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x419e02, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) chdir(&(0x7f0000000480)='./file0\x00') r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) mknodat$loop(r4, &(0x7f0000000340)='./file0\x00', 0x20, 0x1) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x72a89446, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="cca11bdf4a61e0e172e881895a4e0a4d2ca4b219ed9690769b6633968d4f227edb7362e919bad051ef4cb47703c29e277ee9c9597563ee6b767a53b2e3cd79adfeddec996684", 0x46, 0xfffffffffffffff7}, {&(0x7f0000000280)="b83b9e24ec849839a9f2690e70ffdead559897feb384837a6e3ad716b55b04968ea0c73b51a8570761cbca6e8d657a18f6b482c3a6a35b27ecb2918a5f11ad8a875e448e826e2f39eca605d0962e401cab056062c4c33aa43ef7b950f28efd1639a376f699f3eb6aaa79c4c4cdedcba6276a", 0x72, 0x100000000}], 0x24004, &(0x7f0000000300)={[{@test_dummy_encryption}, {@orlov}], [{@dont_appraise}]}) r5 = syz_io_uring_setup(0x533, &(0x7f0000000040), &(0x7f0000ffc000/0x1000)=nil, &(0x7f00001f7000/0x1000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000240)=0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000440)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x4, 0x7, &(0x7f0000000380)="ad26fe3f8f11f4b686727b17d44949153ae22293472ce61e217c1725387c5f76638b27722755ff827d3d955a16d6307a51f71bd78bf307fd2ce698b7a0dbf59408e1d0c2b284445dfd0732206209f9d9b59d03b9b7483fcb36d0d215aca45d6eb161e080f7598c2c1ef4381e4824e61fe1868b39a19c656ab4f01b4afd2a46863632607e2ee672fbd4f9", 0x8a, 0x2, 0x1, {0x0, r8}}, 0x86) pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000780)="c3", 0x47fffe0}], 0x18, 0x400fa7f, 0x4) [ 125.087940][T11097] loop1: detected capacity change from 0 to 264192 [ 125.108806][T11075] loop2: detected capacity change from 0 to 66 [ 125.123415][T11075] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:57 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e4", 0x2c}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 125.167419][ T1040] loop0: p1 p2 p3 p4 [ 125.179711][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 125.185810][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 125.232102][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 125.244895][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:57 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:57 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) openat(r2, &(0x7f0000000080)='./file0\x00', 0x200400, 0x50) r4 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10) writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000180)="3900000013000347", 0x8}], 0x1) write(0xffffffffffffffff, &(0x7f0000000180)="1c0000005e", 0x5) write$binfmt_misc(r2, &(0x7f0000000180)=ANY=[], 0xfffffc7b) splice(r1, 0x0, r3, 0x0, 0x4ffe0, 0x0) 00:39:57 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fde, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:57 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000200)=[{&(0x7f0000000100)="390000001300034700bb65e1c3e4ffff060000000100000045000000250000001900040004", 0x25}, {&(0x7f0000000040)="899f0ea1156626d6fb07e613d79d0b6d58348a37", 0x14}], 0x2) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r2 = socket$netlink(0x10, 0x3, 0x2) r3 = fork() sendmsg$netlink(r2, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r3, 0xee01, 0xee00}}}], 0x20}, 0x0) getsockopt$IP_SET_OP_GET_BYINDEX(r2, 0x1, 0x53, &(0x7f0000000180)={0x7, 0x7, 0x2}, &(0x7f00000001c0)=0x28) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_group_source_req(r5, 0x0, 0x2e, &(0x7f0000000000)={0x1, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108) dup2(r0, r1) writev(r4, &(0x7f0000000140)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff06006000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) 00:39:57 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e4", 0x2c}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:57 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000080)="eb3c906f6b66732e66617402000101000240001516f8", 0x16}, {0x0, 0x0, 0x7ff}], 0x2008000, &(0x7f00000000c0)=ANY=[@ANYBLOB="c9287541a83e8105c582c63fe74f9768fb64"]) [ 125.297800][ T1040] loop0: p1 p2 p3 p4 [ 125.303785][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 125.309786][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 125.318229][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 125.326215][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:57 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e4", 0x2c}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:57 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 125.376235][T11146] loop2: detected capacity change from 0 to 66 [ 125.381828][T11150] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 125.401358][T11146] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:58 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e462", 0x2d}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 125.429232][T11150] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 125.434905][T11160] loop1: detected capacity change from 0 to 264192 [ 125.450590][T11150] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 125.461936][T11146] loop2: detected capacity change from 0 to 66 [ 125.471580][T11146] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 125.492840][T11169] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=18432 sclass=netlink_route_socket pid=11169 comm=syz-executor.5 [ 125.498890][T11174] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 125.506010][T11169] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=50688 sclass=netlink_route_socket pid=11169 comm=syz-executor.5 00:39:58 executing program 0: r0 = syz_io_uring_setup(0x6612, &(0x7f00000003c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) unshare(0x20020400) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)='./file0\x00'}, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x800) r4 = socket$unix(0x1, 0x5, 0x0) accept$unix(r4, &(0x7f0000000240), &(0x7f00000002c0)=0x6e) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r5) mount$9p_xen(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x849, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=xen,cachetag=\x00,cache=loose,appraise,appraise_type=imasig,uid>', @ANYRESDEC=r3, @ANYBLOB="020000003c", @ANYRESDEC, @ANYBLOB=',fowner<', @ANYRESDEC, @ANYBLOB=',defcontext=user_u,uid=', @ANYRESDEC=r5, @ANYBLOB="dff4b3925dd78fea21406536adbdb0eee121402659638db5f2277bebcc42bed4ca11a61b6529c57fb26019e5341327d319c867c5610b2093f75ad769f30d5bfc4c0008a8c89e67f76d281124786fcba2018942596d16c8f6726b3c1c3062bc8f34659c392f79814c4e2b4a3b4c3413201497e9a7d024bef7d29a88614f47efca160eb31905f1b27e49d23b2fce1b41478a2eaa9199c3961d1dd748a513f2e9b38819cf024df15b830c51fb"]) io_uring_enter(r0, 0x6baf, 0x0, 0x0, 0x0, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) setreuid(r5, r6) 00:39:58 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e462", 0x2d}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:58 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fdf, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 125.582704][ T1040] loop0: p1 p2 p3 p4 [ 125.590568][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 125.596628][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 125.608177][T11192] loop2: detected capacity change from 0 to 66 [ 125.618628][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 125.633276][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 125.643093][T11192] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 125.695904][ T1040] loop0: p1 p2 p3 p4 [ 125.700347][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 125.706382][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 125.715480][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 125.722299][T11192] loop2: detected capacity change from 0 to 66 [ 125.724017][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 125.736619][T11192] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:58 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:58 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e462", 0x2d}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:39:58 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x200, 0x0, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [""]}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x84, r2, 0x10, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_MAC_ADDRS={0x28, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0x84}}, 0x20004000) r3 = syz_open_dev$vcsa(&(0x7f0000000340), 0x8, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x40, r2, 0x200, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x6, 0x18}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000001}, 0x8000) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="390000002e00110468fe0700000000000000ff3f020000003b0a00010000000004002b000a00030014a4ee1ee438d2fd000000000000007200", 0x39}], 0x1) 00:39:58 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:58 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) r1 = socket(0x400000000000010, 0x802, 0x0) write(r1, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080080002007f196be0", 0x24) r2 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r2, 0xc0a85322, &(0x7f0000000100)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x13, &(0x7f0000000240)={@broadcast=0x18000000, @empty}, 0xc) 00:39:58 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 126.357366][T11225] loop2: detected capacity change from 0 to 66 [ 126.364513][T11226] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11226 comm=syz-executor.0 [ 126.387730][T11230] loop1: detected capacity change from 0 to 264192 [ 126.395543][T11225] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:58 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000480)) 00:39:58 executing program 5: syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket(0x0, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00'}) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040091}, 0xc040) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001900)={0x4c, 0x21, 0x1}, 0x4c}}, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000340)={&(0x7f0000000100), 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x2c, r0, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0) ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, 0x0) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000400)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r4 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0) r5 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) write$9p(r4, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3", 0xb5) sendfile(r4, r5, 0x0, 0x1c500) [ 126.406534][T11226] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'. [ 126.438287][T11241] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11241 comm=syz-executor.0 00:39:59 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000480)) [ 126.452285][T11243] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'. [ 126.464600][T11230] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 126.482021][T11225] loop2: detected capacity change from 0 to 66 [ 126.495645][T11225] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:39:59 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout_data(r0, 0x107, 0x14, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14) sendto$packet(r0, &(0x7f0000000000)="a261c3dcbd5ec9513394eca6d0fb6738779b3f447fe5076611906e770870cd58bd933cf52512d5646642fc80b146583400d2c7690613abac2f288660fdaf2acf446f65444e60822aca32e1a8c094839012666bda96bf99b2dcbd397f03f2af1863f6c11876105b8bf9cb0e368bebb6bc80e17c0f7c03ed522cc06d532cb1d9e38739946eb91f22e9f6cf7ab45189e6e6255884d47c3bf60e4c27af78eda1a68c14116f0eb5acfedfde3b3190dc62af6ac1de9a2627e345fd48812dfc12e8d397e49202cb25affde2ebb2cb3e878ee478c0981770d40d15e056143e52ec9df3f3c20c1d596618c87b70dd8d1770a60709201168a5bdff0b66cae5150c3359e68fee05016fce32e6e19060b7dc988e49034565792bf06ec2f09a4fe5e3943738ec30df0737fb20c9663f4fefacd60d147f881ce2b7bc53b53ab45c4480113c225de1e97cfeeb5c18cd4c9e895d57e4e0132a5cc72147ae4f822339fe539cefa5bcf0de38488234861af85ed429cbe3ab1ed0d850ed989a06ddbf7cbf6f82e16df3bcd1b77e38bca0272ee14ac678bc69e11b9fa8e6bba82448ae757a713fc7e941b261c24d0555d517152ffbaa32535093f1bf4c58573cc979a2e6bc55b650a0f3790604ad1a58691544042f508958d7af9291590ad65fd05aee9c138ff926ced1035954b4c76c97b658f17f41d3bdac6b5a5b466d5d5893c25ec95b05a6a857cbc9736e98551b3f45d8fca25070efec2bf9d29234eed2371df8e283c1d9fac560cf8a81d90471a9cc18d9dd7372af954c86f975f4e4e618a07639cbf429471f1bef3aad7a8988ed1694c316aeac69978085df3f3878e96a2e74b7956fab5ef28375ee38857f11ff82160fe0cf4f03271d573023b82e899a98aa67d6dc9a993b69b10ccd76ff6dfe6d20bcfc70b6da166dc5833abe91e368d04fb5414876a28bad5080e4f7473dd2ee7a8f1e3a05c357fca71e3b580d9e08b2d44eafff9de16cb489b3d7c269b2c8c245b11c48406d0c20d4f51681b107aa95d6b1585b01623c5fe826001229f949c72969506418e00cf429882dd1f0bd7be4de07696de37a49c17dc96afb1a5b3771fd905a3767561219aa639a967b9a1888c706f9b4394486d0bdfc9db8e4ebb422cfc3200a50bd7285f8e6fb55e61952ffe0572bca1066a35759a353dc0dad62887e04503c9b3051402c58e06b7994eeb7fcaacf4a0893f98685874f0e6b5fcafb8f2b942dfdf56138e8ef1a28f4420299d2fbf3740787ef58fc5e671ed9f8f0d9e79a13ace9ae19c48594c389c9b5a8b2c9653d0eadd937f8564282261ba9b1b46fd812982d57b6b60a18a12ba596bff62879e3ba2aab7f48dae067be8d94b90010a8787be348ff3c8cdaa0705c7090873e05219e2aae60c9f28c734e3d522ed8762078d1176a4457fe910dbcba4d41f73da3da902c0122bf55ebd63226c5d49014d9b29bc0340d3b80ca22c138e3d4da57b9e5108707498b20ae11b5eee4b05c8df656830d11f3196216067318b546a3bfe3531a301e8f76de4d9bc2c27ed0aaf16099ff87bdd2feb39f10b034a06fc052d909f7e4f3fc1ab39bf03587b9d9c6b39efb4039f5bef35817bc3de0a27cc3de12ed6d27c25530c26ac81e9a9d0e1a73af6e66249cd4765272534c05f1996613b38f3cf308c909ff330e4c11b6cc3d75e014e9784459bcd8967afb1086d8256b0447bef61fda2ba5439d213ca518d605084932be52c8d678fd999548272c6367e68512141fb2b1485a50a0de5bddb0443b75d878401b254d2d4b0532a6227d8db769ee73a31894d7e38854fa8c3cbb875bdee05384fecadd9144e3d02e77a9dec3d9507d2de896ee578c8c7300a61a8b7402267e94281e813630c2bc997a870ee65257e54970db4063282f6c617c700d10486bfb3d13b8ff0c1e8b7f3d63aeb25ace7d79d17e4fc81d9b2b0b6c126c51ad11714df70ca67e4e316bd09f42a0ccad523484bfc57ceff5d0a02995c44c86ff1c3d2b9a484e17bebfaf38ed9def729e7a7fccc7f42d19a64e60f9677a176b63f02a6d4549f661df9f87e1006ec8e7452b1d7c71cade4327a4e55adb816751ff3245b45857c31abf6c92643f3fead1f97d50baaeaac535df1c728e380114fe7b936fc02de337450ce31955860da716814922b1af387167cf5467afe35a9256a05096462a5923ad790e2eeaba8264356b16088bd2ccd9ab4450d178892f8851563ebc997c6974708ec8e9fc0388e51fad122cd4de5d1babf5846e14ea72f0a786b769c22aa16f6c4d1fe37dad59b914e7a0756d1dfc68a4d53e455154ce778865f68fb1860cff19eaded40ee0466a2636be987997822c559003205081fcd0972330604577d92893f568e8556f398330d9194d5cba10269cb380822d08988e500c9e013d9ec6a7cd2a5683016828cdf1745bd51e6a60fc9151152641bac62167e38564123b6423f6ff658588d79e607a3e6d5a0809891a2de2dd0730735ab29a405fa1ec8e24fd38882c2264279f14c78db887788a36e36b5359f5d021c482882a6ac1670a6c1108e2cb64ed8809c6969e5f46b62155fe664b9b4bd40390886d7e9dd55a54a945d744da98f9a4ed976fd76953db4b2db2cfc02ea644d9b4cc2094858b6def04aa48f6fab714376800a811752b0ddbbe7952f5a21a70b969e115f2c8f4f96be7dafae9b90f74c8fdad3b62b573bc9a1dfa57a67652d4b5fad2de285d3c2ca2b604638552bfb9cb080ab6e97a16aab652198bbc24d549d2e046937945148b6f730f32ba3f00c090b74ae91e8917d3bcee8ec4685561ef13d4797a02e5a9cc2a10de4bc3bde6c5835b93cfba170924d8b85318c7a08e1b4c24255f977b98f45058a1d8ed9215f5cd63cc5115c02c69e1bc3ea387e9258ade3f0a78b8b825ccc18097c30ada3af53eeaabc8b347e73332e9b038adc826406fef5ac6c9e3139f0ee470bed3dd008a13ee6281eace58840519de25f4b768d0fab8eb1202462981bf8273bfb2da842c5280cb4e69b7363aa6616c7a9c5daa9a6fc9bfa0f9a8bb5566fe6cf361238dd4f31d9e4c2cfb53c7c545921f4abb3199a3514f047a1e4ff0250f8e891f9073555d9a197ff055311b8abd61f9e7f366aa2cbcb0916e523d404b25bf67aba0a183a28bf42e34eeb23287d817e4710090548e0840b0dfad3b9edfbb0778a33d6441367efbb0389b5e404f57656e4fe30e67c253f2b7ff1a5c80fd004c4881aff6fe54d054ff78e4d8520477f5545970bf1e8d5cb3d8ef16fdca2f898968f90aea8db2ab317ed38ed68f2cbd12e9d8301cf5bc60518e4d175a239755dfaf9d3250fddfcf6a993423eb1d282912539bda0d73e4c689a2e18cbbe6a902526751161b90700f8078cb89beb4b7a3eec618a8aaa6f0d509f5b82b1f41a7b7694e45014b32a436605d003f5edcab6564b78eadf890647c8b1de90155a7700b1cd7f9e2b4d5863bc0266dcdfa9a1ed8de4fb8c5d44c0a2abbae047bc2211f340558f49f089e132c64c206995f18ffc478b409c5105aed84a1e6f628e71e1a62d2019d807459523c43a266536ad5bcda12aeeff512193c085c240d75c700f753baebc10e9dd970cc0adb3216c412d3178c086d57f9c8de9a64cd448d6f48c614aab094593050d6d846d26207eab9b9bd4df2bd5bfafe622c2633647c5a01a00b09d5a7bef69f51502f0ca6563b32dbeb6ea6502c4d9d21042e0115cc173c76c90100e5b1cfdbd6b1179e620df59ca3e7a6d95076a0f9d07a873930f0557f354f66f8a1539de9919c9dbc3da05e512a57ef17176c42ba22fffd294113df6cc11b2338948e380b7fc7fe75eb42865bc14e31108e62b3af8e724ec36d974eba1d919791293cf227cdd57824653bb669828bafa2b69e397767d2cd5e6ac2eec6166bb7dad8969904788cd0cde24aefad63ac811cbccf1918aaa240bec1b54490e54a64313e624a6fb455884d7a3f9052be594da2de28b9ca95215e782e6f561038927e37a80eda9c54d3c899bbf7bff720ddf91bb025aebf58178826809da5c975c136f02f219d307c5edd5fcec3bdaa58057a58b9b526b8f243072f2603d739322734ef56462aa16e7604a7e5ed1f1cb36b1e5b70a4cf5d378a8a06b560d825252c4fa0e43b0453a501f95ac70780823d47383e28bd495a49e32bead397c3f6a70a078d496869218a8d98314c2d300795d46ebf13a1021dd10969df01a6292f5e13b58226aaf323bf0eeb194c2b4b065d0b57b039d4e3e3fcd6cb3150847c5e20ecdaf5a402d1deadc830cd9dc89e992c7b224687d027fe8003a9bace37f160b880847bff71a4a0536bc9ae8bbc4f6268c3991cf613af55996f038dc93c60af86c4b14141e7c6ccf6fae364118e8755d4b04787fcb969c820f5babfc2a215d959f2df969c247e01fb9cb9ef79ea7362a4876f26e5413bd939d882ead496c4b4fe13f13b67578f9785fd1f3945eb16aa50be30a2464f0f093cd34349345535e6305e1bb2b4a1f5a6357e5cec0da01991e3731e0dfcdf39667fcb355ed62208208d471de0fd1f5c9aaa79efd2410fca9ee116b157b997068b25b88eadfe6469a6d197d45370e27dd8cee9a8ccecf743cc1604ed06f9c7a4c49d46471b0aa2ab8056c403f903d7be7480999209d1aed6a6b51003f261e6bcf4ddabf171e17c3560b54fb3b6d5bfdca7c57e7995fc5593b3afe99013deb2213312a22e3645da766cf30054c359e93a7d2b129468c980a6e33b366668e07b5e2e9fc4584d2600559ec18c8a201d96bde254f0c29c09b2507986db0f9b66b63c29a33c5a7ba5bd7a58ac08b9ad8930b1ef2fc226fc2965e8820d4bb5cf63212125b8e3754ea99cfb4e3dcef6d9b021eb63dd046cff40f44d56c3297acbd862604ebdbea4dc89b3698f5219644e2f990fb6c45d2a042194cc6026089fd69524d74fdeb2a816d51848fdc61605079de43875022a5f749b1e801d11eff245f84040b56259ef5e2cc51c69f866a4d141fe1a49c597a10f238b25e9c88f022cb64c310857ab8466a194a47eb1bc9d4d5acb07468176dc3e9e1184cb34230fc758d7ddaeb02f5d7a3c2584f1c7656cb7bdd1d5e041fdbb7b6291e1d4784bb08e983ccc3653f743e4ed45dec7d0162b0b6ab2590cf6cf92f616c59a811ae3d312f145953de6fdaa91d4fa1208f90b560e0c0a5690956deae637f420e21b4625b0c038864a5e3250ef398a156f46bf8df7b72aed18209b4786dc31f1d0ff8556f3921ae90c5997c42fa256cea748a2c016f056645cea77ad1dc6fc150e16c14049906a73498f4747ff9ae548ca731743072d25bb5d4cfeebee01ebc398bbf6b84c57acee7548467393c9d104b17b2ca2a7e6ede67533be45fdfe4656ffdc1774a0b07b649a15fbf577312bacb330e56f004b12e7dc81467ec5756b338694621357e461572dff0f23daa208b8556309767fa9d6b0ac9759fc4a727ff19bf5b46b667f619673268919c61e0e1237987b44b36556b04ccfe6001492c4ec93d7d4088df227a737b7e74173734b254fd0ce9aa8d2cdec5bbb5f92a6e667aec1f28a1e35c12d3d6933c3a330c1ad6114e3700a7e99fab5b15df29b196fdf6d50a6ad276d7315588ddd79e86e8731cfb25d8aa5748a4ffd3dfc1b33cde1f2cf5582583e26cd2c80079845f252db4055c217d06fc97a4159a20bb54471648368561629e7a7284f4a7340c14c948afd3a0167b2cf696e4310cb7ab545b3881727c8dbf5f87a0a473ba433d79bcfb168d5a8194066a33ac03129f740ff170cfd8cd2bbcfbb", 0x1000, 0xc050, &(0x7f0000001000)={0x11, 0x15, r3, 0x1, 0x7, 0x6, @remote}, 0x14) 00:39:59 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000480)) 00:39:59 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe1, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 126.619942][ T1040] loop0: p1 p2 p3 p4 [ 126.624474][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 126.630480][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 126.640478][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 126.650165][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 126.651763][T11274] loop2: detected capacity change from 0 to 66 [ 126.742841][T11274] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 126.758329][ T1040] loop0: p1 p2 p3 p4 [ 126.764626][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 126.770672][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 126.779790][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 126.790308][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:59 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:59 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, 0x0) 00:39:59 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) 00:39:59 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:39:59 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) [ 127.264577][ T1040] loop0: p1 p2 p3 p4 [ 127.268939][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 127.275000][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 127.286946][T11304] loop2: detected capacity change from 0 to 66 00:39:59 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:39:59 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, 0x0) [ 127.327614][T11304] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 127.331445][T11312] loop1: detected capacity change from 0 to 264192 [ 127.343539][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 127.351334][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:39:59 executing program 5: syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket(0x0, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00'}) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040091}, 0xc040) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001900)={0x4c, 0x21, 0x1}, 0x4c}}, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000340)={&(0x7f0000000100), 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x2c, r0, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0) ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, 0x0) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000400)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r4 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0) r5 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) write$9p(r4, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3", 0xb5) sendfile(r4, r5, 0x0, 0x1c500) 00:39:59 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) [ 127.370811][T11312] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:00 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) 00:40:00 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, 0x0) [ 127.422617][T11304] loop2: detected capacity change from 0 to 66 [ 127.432769][T11304] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:00 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}}) [ 127.481253][ T1040] loop0: p1 p2 p3 p4 [ 127.498314][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 127.504365][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 127.526523][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 127.550536][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 127.577822][T11358] 9pnet: Insufficient options for proto=fd [ 127.638009][ T1040] loop0: p1 p2 p3 p4 [ 127.642448][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 127.648448][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 127.657409][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 127.666346][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 127.752789][ T1040] loop0: p1 p2 p3 p4 [ 127.766232][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 127.772361][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 127.781024][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 127.789545][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:00 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:00 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:00 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:00 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}}) 00:40:00 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 128.190433][T11384] loop2: detected capacity change from 0 to 66 [ 128.199981][T11384] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 128.204633][T11388] loop4: detected capacity change from 0 to 264192 [ 128.233858][T11387] 9pnet: Insufficient options for proto=fd [ 128.305508][T11396] loop1: detected capacity change from 0 to 264192 [ 128.324929][ T1040] loop0: p1 p2 p3 p4 [ 128.338876][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 128.344976][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:00 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000003a40)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x6000004) r3 = getpgrp(0xffffffffffffffff) tkill(r3, 0x4) r4 = socket$netlink(0x10, 0x3, 0x2) r5 = fork() sendmsg$netlink(r4, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r5, 0xee01, 0xee00}}}], 0x20}, 0x0) ptrace(0x10, r5) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000200)={'wg2\x00'}) r6 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x800, 0x212002) r7 = socket$netlink(0x10, 0x3, 0x2) r8 = fork() sendmsg$netlink(r7, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r8, 0xee01, 0xee00}}}], 0x20}, 0x0) fcntl$setownex(r6, 0xf, &(0x7f00000001c0)={0x1, r8}) recvmmsg(r1, &(0x7f0000000140)=[{{&(0x7f0000000040)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f00000000c0), 0x0, &(0x7f0000000100)=""/41, 0x29}}], 0x1, 0x22, &(0x7f0000000180)={0x77359400}) 00:40:00 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:00 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}}) 00:40:00 executing program 5 (fault-call:6 fault-nth:0): r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 128.377947][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 128.385769][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 128.391646][T11396] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:01 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) [ 128.444043][T11423] loop2: detected capacity change from 0 to 66 [ 128.454802][T11421] 9pnet: Insufficient options for proto=fd [ 128.476479][T11424] FAULT_INJECTION: forcing a failure. [ 128.476479][T11424] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 128.489624][T11424] CPU: 1 PID: 11424 Comm: syz-executor.5 Not tainted 5.14.0-rc4-syzkaller #0 [ 128.498392][T11424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.508518][T11424] Call Trace: [ 128.511793][T11424] dump_stack_lvl+0xb7/0x103 [ 128.516465][T11424] dump_stack+0x11/0x1a [ 128.520670][T11424] should_fail+0x23c/0x250 [ 128.525157][T11424] should_fail_usercopy+0x16/0x20 [ 128.530272][T11424] _copy_to_user+0x1c/0x90 [ 128.534714][T11424] simple_read_from_buffer+0xab/0x120 [ 128.540148][T11424] proc_fail_nth_read+0xf6/0x140 [ 128.545100][T11424] ? rw_verify_area+0x136/0x250 [ 128.550067][T11424] ? proc_fault_inject_write+0x200/0x200 [ 128.555750][T11424] vfs_read+0x154/0x5d0 [ 128.559919][T11424] ? sg_ioctl_common+0xabb/0x1770 [ 128.564985][T11424] ? __fget_light+0x21b/0x260 [ 128.569717][T11424] ? __cond_resched+0x11/0x40 [ 128.574460][T11424] ksys_read+0xce/0x180 [ 128.578621][T11424] __x64_sys_read+0x3e/0x50 [ 128.583137][T11424] do_syscall_64+0x3d/0x90 [ 128.587589][T11424] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.593522][T11424] RIP: 0033:0x41936c [ 128.597456][T11424] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 128.617070][T11424] RSP: 002b:00007f49a5281170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 128.625561][T11424] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000041936c [ 128.633598][T11424] RDX: 000000000000000f RSI: 00007f49a52811e0 RDI: 0000000000000005 00:40:01 executing program 3: r0 = socket$inet(0x10, 0x2000000003, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000100)="24000000240007031dfffd946ea2830020200a0002000000001d8503000000000000007e", 0x24}], 0x1}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) ioctl$BTRFS_IOC_SPACE_INFO(r1, 0xc0109414, &(0x7f000000a000)={0xde7, 0x6, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) 00:40:01 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 128.641556][T11424] RBP: 00007f49a52811d0 R08: 0000000000000000 R09: 0000000000000000 [ 128.649511][T11424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.657469][T11424] R13: 00007ffc94cdd8df R14: 00007f49a5281300 R15: 0000000000022000 [ 128.671727][T11423] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 128.733694][T11423] loop2: detected capacity change from 0 to 66 [ 128.746998][T11423] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:01 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:01 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000003b40)=[{&(0x7f0000001fc0)=ANY=[@ANYBLOB="1800000043000100000001000000df000500008032000000"], 0x18}], 0x1}, 0x0) 00:40:01 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2, &(0x7f0000000480)) 00:40:01 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:01 executing program 4: poll(&(0x7f00000000c0)=[{}], 0x1, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1800005, 0x12, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000340)=0x0) fcntl$setown(r1, 0x8, r3) io_setup(0x4, &(0x7f00000001c0)=0x0) io_getevents(r4, 0x2, 0x8fb, &(0x7f0000000200), 0x0) io_submit(r4, 0x2, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x8aa, r0, &(0x7f0000000100)="20c58595493b495170ead3fc5f4ae38ceb2866cc9c6f9ca0d02336e0bd318808d6ed61c2c38cd01e41729f9de74d26a1ef11e60ec8d055af4d60f4c2baac390c303373b226b531d88ee8ed6599495c2a2ce1e96516e0eaecb8bf47dd085e9268e7c31df72e1c0e1cd48033d7a9bc67ec15187c238fb4e30885fd43a9221f8253a34c7e03eb3fec9c650ad570790dafcbe7b39f49af6e8690ade9d62c9551bc678af5b4b415cd773ca61f1e78fb3c8bb7330b2f33835b683c44108a4bedeec54bd8a393065406a1c5a5f0cca2a681ac349009fc4b9695df66e533caa26cc72a55", 0xe0, 0xfff, 0x0, 0x3, r0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x7, 0xffffffffffffffff, &(0x7f0000000200)="878a1f158fb0f9074f210440e3e8ffaaed071b6c126cc32f8aa3b319632db03fa13cd88fb570afa9f775ba4ca5d2840d1d9e19cf9d353c3bea634fa5be52224e60c7146c3903634d50b3c9d51b5dba6f3ddb915d44b9b5206458ce4f75ab3d45d0d6e91142bc58e30e38428bf084c5f130d70ab422d996866d836cf240fa53b28e98e635dced20345989c3f59a5dcc46105098f5b9f116bd1e319f4e33c0e2c4ec0fd526d85d9283e671ad6664f0e52082c68b81e51d33a91d214c3516955942ca94416253dc767ace5669bbc0673bdc", 0xd0, 0x7fff, 0x0, 0x0, r0}]) 00:40:01 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x1267, &(0x7f0000000480)) 00:40:01 executing program 3: r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000240)=0x7, 0x4) connect$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x8200, 0x42) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0) bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) listen(r1, 0x0) r4 = socket$unix(0x1, 0x2, 0x0) connect$unix(r4, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xfffffffffffffe98) [ 129.137064][T11469] loop2: detected capacity change from 0 to 66 [ 129.143499][T11470] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 129.153869][T11469] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:01 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:01 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x1274, &(0x7f0000000480)) [ 129.196055][T11484] loop1: detected capacity change from 0 to 264192 [ 129.217851][T11484] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 129.238609][T11495] loop2: detected capacity change from 0 to 66 [ 129.266282][T11495] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 129.304914][T11495] loop2: detected capacity change from 0 to 66 [ 129.313336][T11495] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:02 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) 00:40:02 executing program 3: syz_read_part_table(0x0, 0x1, &(0x7f0000000600)=[{&(0x7f0000000000)="03f663020206af540314000000ffff0000000000008eedea2792e7dcd8e1ffffffff4100000000e7ffffff00000000ffffffa6000000000000000000200055aa", 0x40, 0x1c0}]) syz_read_part_table(0xaf3, 0x8, &(0x7f0000000480)=[{&(0x7f0000000640)="c8c38d22239066d7a9858148fa2b21bd34366f68476d1d4ceee14c0a06cefe118115f1ff36c516c8efd7c37c586cffe8a8dabd5b2bfdda46070911fd6286a41e97351e561484ef230ea6d89ff1fa042454475fe19ac3fe6d19a4f636dafcede3368233f9034d496323e29412fd71ca5c86d5bd371baba8ca11cf2550dfad0c2d6fc8ff99d003626e1993cef31b0bdb13bfdb0cc2e3533ff3394de3e0418c6aef1f4fb58e21ce040bdb1f401ac7977fa26fad551b1b4f7cc154e85fc5378457a4df08a17a2c5602fd3411fc42669fb4e624fc4746bff1e9410549873bcd8b3cd5abb3c09be6bc7d30f45c288b385da6f362ca2f3515e3b636011fe51d3d449db91cb77aaed431a440f4085042dfa258f3a5f8ceed9b5856b3e8e91fc881e065caa652d2fe8b85aa395ee8b00744eee6c3432a891a272db8129571f18ccea6c9331e83411d4375f8ea7e1509bd1c5e3b2775094243049ac57bc955457ddc2447bdd1e7e9ecb8afbc5779f1c6c13a39f46a58c1238eec20e1a4db7b13d7f5c409dc502959b7673bbfc3cc3d679feb1f459a79a233b1aaf6fcad5f5c0f5e056147c1c3eed9ace3460e981e104be27d63cb970b4d3358372771ce8204c5351d6068e318aac8a5ad9e01660c119237d5e90a68f4622398deb63599a0eead0b68c2b7db50cd38b75111df2cbeaa6fd91be9067c34018aa69dae61c8eff1515fae6b6f0e9b0c5d9c8b353fc2fd3df87de69793ac801b93b607348b08662009291c1920f52cdc9e81f1f0b6bbd6ed5c9e8a7c96c76a90bad5b56b3f7aa3907bdc13008c3b3c92a672788f7dd75337585ddadd543f83e43e25d083f643ea26d72e4970a404eb022c65d36a716f014b9e3fa9fee27cf4404f3159d5fcab38c6fccc8f394b767f49c1595302e8d07b9ff76b44f4acb1b70d8484b44281c6cdde3aca26903edccf98f94736991a0b5338fc015809859c0823cf7370e2b3273c144725df6a47021a3f4737a5818b94b01716c3a6e8bcefb9d6e1e35056681335316272e4e2177a31f3fcf49b41254f2c6ee1c81643d576b75d8f1b0b91051979a28bb16686d925cbea8fab75a1b93de72f0b18f62e0edfbcf12878ec07f694aa5c032f013e3c73b52196bf0c0931bf19626270c9d0ff44f174225e72da31bb045e28292ac751417a2a2ba192329b34d6cc1bb439b9f4ef066bc7bb552ec57ef7395496a1779670f6fe93135674c3ea4b3a69b7d1a1634afcb9f0c7be2a1e5a5821141f1f0ec888cec73fdbb6040f5b94e9ce40ba76fd8fa00864e8870c157d416d2bc6120d28cb35f82bc8faad2c00dcd79b572961b7b3e611dbfde2fc14e46198b6d925a0c75783f10f87232d392d1802d5815fd4d49fc43dcd335886256610c4ee0b87afc40c18138d491f0f1a34509dd14d91297c901d64a5a6ea98ee84ac3ccce62a5e0498659009736119292329c4850814321de473ff42c7d3e6703c41ad6529785f1226898596d516ee6d02a53d94d8190ca730d5d8b9747542a3d1aec76eca3280ab5011292b74705207f066743743133043864305d1c850f4fb8b25272bca1fa9c88ffb630852f095f0c2bcf0b63b2d3524168c8ab49a47e17c2a0b546485d0f19690269b3be1b874e6f447b5bf9e9cb5d53218889cf546f67eb2eb0fc5e14147b13921477adc7704e369b599ca05a4664dabb0741dfb4bf1f01627b405e4c7cd65a3b61277af68546b162fffd85fd7081cbb97d322695d20d872f315cf65bbaa4a53e9859621364057a106082f32ff33617c1a9d98428ba1d6e7128b68f7ddd0064c2916acdc4004a342bda83e25f0affa0dbb34047a561540663870ea64725b343723ba37e8485e7b215357700c11354fccfd6a68e72c7e02a33408af78bb3186d924d2cd55b69a91cf40908f850e07f763ada1453705756b8192f2259ec9ed560f71d3b0466a0a31e3bb314022f92d88858023dcf45ae7299b1fbf1fb7796aa8d9382249c1a379a1968c6dc52d55d036870449faaebce930ea526fdfe965eef7505d442a2f28e22a557f07c3fe9b3536b8a5e802d00b3c83daa209306c7d3bd744a9438774700fdc3b51906bd7852b18615da6da36da86aec437441ff86d9f90ea82d7afd96d6c7b6c5bc1558adbb839eb5c4d6d1d2d4bbe980e31ce414028fe9774466592efb8a2b3beaee391589583ec5d04148ed855e804db738164c5b7067efecabc28a7904259690df2493847faf874f1ed8f6e6dc58be54262f8bcd64267df8ab388f746b35341055540a238c2a33dca78b7eda41f3e0b0c76b9e313a05cf3b715a7502f99944618fa3ad0e7d1c90fb39a832ddb467390215ab9820b54110a17f9f3e3c8eacfd8b39839c3209b7eb1f296bf03464a4f5efb38f7ae012147b12fbe6a00c4da975f8ab3f21aa9753b552e0c7b23236e4f7dabd1e3a863c5321cad3bf365fcff40ca58445ea2a15263ce5eddce56ed39e790b5153cc81cbb3efd988892abc07af679f6e2bbae43d1a8731fccf5cfec1f677c20a297d28df25a32d72ae52211b57332d93773a78dd4ae0b9241b183dfcfc967c493ab5ebe383afed5b37ce3446b1803b3d2586ce1729e5221331a488002356e3873adf3839be47d0b1223d0c60ecb931475622b1e525c0577cd3f29ce2dc6dfa9fc3310a884ebbaeaa6b9bc91e6dde64a326669de205c90f8326bbd9195d105307c6d96041ef583469be3e1a8fc9aca012d6beed1d8517c73fe2672e56c1ed7872c546b4af9bf507f474c5a95168ae0ed8047ffa564cfe8f667c4e06c456c8985297ddf70b8e60e0674778555062980bececa1130e84656f8a296da8e971effea10bec84a7a8a85171f8147f784c65455e36b0cfea3c088f747457bdcabcd6658e048aaa6942eec9d4ef4d8f9419f6e401f3dcd0845974335a83621a6eb577d6246b5ae7ed17ef19207b2c05f1b2059d39b18d7762096e0d80c8d029108a25c22ac40f8fcccf47601faa186c4ed5df7c4c34e652d6ff731eb28406f8f5e1dfd6255b58a2ab5c6a26b0abdf8cb81ec75c23a55c99494e2efce797e0ea595c15068aef81e705d1f274d20d9fbffeaffdff77ab5b491fd93e771d60a50a733e1dc2df9e9423039b8dc30fbf66c2538ad242dc8ce8c2dee3789c93635f17ad3229756a7645a9f015886fe9eb7f379018c8484c0f964b13ac79aa98aa152ccc9974adb7750d66542f35d50eb855ec45e70d29824d3df63c92c7c1cd723c89247e2c18d4c916d2e4655f04661480956740a58194bfaf21fe1ea5df91872184649bf4a3f24c7a1923b62447f280d3221e6b6b0c2c0e85600e19fdccf615da0fa46abd66f0f643592b51d2e696bb74e7d8881993fde5a83c9a53f1342f7ca8da62b697e995b95dc5787a1ce5cd04b51250291f635d5fd425fd9c059e41c8e9cc795e9b0086d991402cf93b8a34b5cc27abd997523c01ad9900faf405b67695afe35593752a46e394f757a9efa95a6d15f72c7f6518f2508948d3e2fa97024c499ec17572161d9771118a8212f82f3c6d757ba6cc9bd11437bfb9250b9695b49894b06bd01f156fd83a7be0e368d6c4a4e66949878476622aeb6be665c765d6bcae335f8ffec8f1ed92219abc46831b9de1d27d042d44b36d1fd2f4b570a42b44fc2fd9081972b6baa05f0f0d1709ec81e70ca7d180a35f88ad8915be715039cca40e6a1c1808932d18a66b7fc50a95424c09b00bada1c63d8533e1476aee793f94beed97988880118f892dd6237cfc3cf469aaa9ed7289e22eecbd77793f2f13d7d80f43dea837b13ddcb536097ddeeb7e8eebc4b2144103498af6cc4314deeca1c1abc2263b916a58585b03bfcee2d475b2c1efba10a9ba846a765c73a0535307c6f294c061a4fbd5b30aa3a6668f0468561da92772a6e0cf407779bae91985c99a8221ac2dc81a09a23df7192655a34882afe37b7a5e8fa168e2fe441dd137e3042c1926289975c6792ef6153e283a3780762c0ce79bd0c10ace3e2f95aac8d01b57e78a62feb382a842dea0efebbb6dc4781507bfcdca672a09a7b73c36a91b6bba5f569e19a3b7d36e2466d73c8fa3a127ec6955fecfcfd07828f20183c9c0781294c4b474aa92e438476beb83d0704a40824747aa7e202558cf5d44f160d8e90d9ce6678bbda84334aff84c513d8f42e42b52540845db3b99ab5bd37d73563be5ecbb056d7c652c719d77c7fcb764cb65a9b7ce782bce599c7a7058a9559b0dac679917d62234a150436128b2a38c173a4ff494979297db414c6c8032f852f366a472b8b2d3d9fadabc2f7700b56f60fcbe3349b6c904fdb7e47daec63908dc07ca3a5f1f45d75b588c58b123c8545269351b76a1d249a963c5f86177c70bbcf29c39a458bd5b432dc65d5bf3103476e7f3c89e9aae7ca7b3d9745588807bc994972a7787f846480d627e7be11d0264f33ec5b8c9050fae39358a4d83eab3032126b56b3380f15a9cbebc1d9f759c4d7c4fe98821947d9799a8fb97308ff0595269f50e025add3f327fc939d6d86d70ca9e4035e02946cdf1b6002219053be95efc23e58110ec46bb5eb5e125c97d0637839e7132f2a04673dc7be0f7917642530e3237e007b4ec2fbfe76c959dbf35b789ea22f9f51ee218c972804c9a8b8b6b08f83c55d56f4d115aca3b6bb1874ec818b8c3cc0c5ed0b71dc10e53b2871b2312f9c4b41f216ff177a350834bfbdabbb1dae41993b05db7cc3cac042b9f56f729a6c0727795445d1a2c7765d02d29561a0ee08527fdd2ccd8af66e1bcbac6a8841180b89450aaaedd0fca08c1031bbd101188f73951394651805fa3c4212e7e19575f2e8f7e3e945e63b287bb6b392f3e0e413bf49bbf88bc5456d66f90f424f6a2d84bb44cb0664a98e7529e44787e6a19b2c87984e6e6e9bbffe2e24427d0113c59e9a80ca4e2688d4cb1ccb663d5c84222a540f1646fad5039baf6319fab0c48131bd5d6d89defc80fb177ebb6c4aa55dcb6102d0dab8d04d8dd6e86ccd29de175d0a24843921115c3bdcbdd6fa6bd6d0072210108e86d3e37bec1ed6d2b731e16402138d06e3ed5bdb5b87decb4dae171f07278cdda61d05cb62e49984254d9a1065e35109118f4ff5f9042d9a6ebce3e630a52e690b9aa6f7fc8d383cdd8d2b1b45f12c88eec4fb02c411da774dbddd859cd92089f1c8bd5f3019d1ad5f76f20cede84b9c59f02a42808168a63999ff9317838e1f48cbfeb8983785dc558d266fe8747b985e61847771ae678e7ed954d86c85bf099da901167ce67d91fa8d1a1ab1eb1824955559d1ce547375695c9f56ef94635ea6ca6012764cfe78a8b2375b3a6ab8e232bbaffbf4733bddf848479a7996d70818976f88fb1d13e20c9a86837934f5f7d74c6dbb14aef416b22d3d1af176039f9a2433ed8f9b53c5bda92fe116e67bc679e5e64012bc814f0b9f45118e067acbcea1fdd5f2c0ad0eae712c179a56e988dc1de65ea656401122c77d3a615405dea03993189db1bade29f181403d25764315af51610f7079bac769c9ece133fd9e64feaa362a35c40ba7ea091e78b2d8370427d0f11feec58dcb0db88b48f2c4c75f24b16dfb76f1db41a6a1270c6cc85fc210425bba6acce77c449578eec5a0492255cfa0421d18f0cf97e4de1d762facda9a498d27ada14e92121d8db0c4807e3d9a509513e13c550bdf4f874dd27ea844e1f2dcc92adef1588cc6f7a4f66344a7782816f504b58b4826cd02df459d3bb1a70c986c43a5f983a7c70d1bc7a26392974a9cdf562bf52978cbd79abcc42a", 0x1000, 0x9}, {&(0x7f0000000040)="b049dfd484f12c2d769c7d8095a32cb732148cd1026efc8f58c74e9c1553ae2df8b30c3d8d1a6b31a1582aabbd46122469f03a25875ee68d26f0fd7570d673ac25b4f9f8a4514db3fc16f92a3d80e64231eca9cdcbff6e3ae08cc0da06be080112b9bf0a114604907f5409f233d6b872eada661d1d6f99fcd557af19ab7129105f97258dd2cc3ad5d3f968073ee9f3a6a974a85fdb6a1b4e8f0e1e5793b21d9466aeac1c81b73dff217497fa79a7f85b00c5841f0a76fb61d96e67ddd0177c8876ee0b72670bdbf2c674429a8b134f06347f7efcaf6b208ec1", 0xd9, 0x7fff}, {&(0x7f0000000140), 0x0, 0x2}, {&(0x7f0000000180)="e4b2bd887eead49f879dc279f834ec38b9ec6918f153cb9552c9ceba6cfe1a6bf58881669bb66d8162813b0eeeaa0e60314b797508df0aaf7a5b", 0x3a, 0x7}, {&(0x7f00000001c0)="36d6983367903993398fb6c1106208edc6e6bf6c3a29d6972d5416fd6285284b23ea050c29386acfe4db0f8bcd142de2fc393df902364ed032ba5cd27a3908828a95cdc66b17b084e6d7a4672f8c6d9d3b67998916ca95b257a17f7175789c0febc7b75d2b073a511965caf7437eeb834aca17af62ae6e133d95400f67bab28eb85581c976293c51b7cb943390750448458819686c85260e7e0f68fd3ac3c1fe20d4d8460857c91d90327fd3d33bb4d6b79e54f5df36837814f6ea750c69b11675cc32b6dd4d61cb497a1cb0b74b29d52d40e536203966b2a42b733e79b229d309817cfa2ea8d674a2511c8deaa75e4d", 0xf0, 0x3}, {&(0x7f00000002c0)="0e2978df0451efb5d85a616e79be6b52d5485e06903681b650fccf43dbd86113e15a47ab7e6474f5a03763c6159730524e6205eed3c18cad963a72a3fae5d9824aa368cd3bb843b0aa6292dd69b1344adba235295962d300561fa0e97bf363cbbcc173f10f98d0e59748f9aeacad7fbacfd7de0065ff9c689a845b9e2a0951bb344abdb718aa4094e4ae874bfdf1949b18e00994af4948477268be138acb89e3fb5bc81198c30fca0d3b795fd1db575f8d2b9b7f01f9101a7018cb46015768efeeaa62feb9a9", 0xc6, 0x1}, {&(0x7f00000003c0)="9c89aa2cd8f06106c39b78cf6e097e504b43fb0ee7cb3159b0d8c0c0cfa7e7dd9121ffead1aea26f9f532191b0d998f882a597e1e6095cf77fb11ba1e773779996ae27450ad8e300", 0x48, 0x9}, {&(0x7f0000000440)="cb0bf3d0eed481e6a5df7165690d854d2daf78e8b1a4d43fdf6a9d2de109505419e02c821c1d", 0x26, 0x409}]) syz_read_part_table(0x6, 0x0, &(0x7f0000000040)) 00:40:02 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:02 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x1275, &(0x7f0000000480)) 00:40:02 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 129.556491][ T1040] loop0: p1 p2 p3 p4 [ 129.561799][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 129.567804][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 129.577668][T11524] loop1: detected capacity change from 0 to 264192 [ 129.579586][T11523] loop2: detected capacity change from 0 to 66 [ 129.586778][T11524] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:02 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='^\x00') ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x1b, 0x7, 0x55, &(0x7f0000000440)="10d81eb6351c409c26c5ab9931e2b7d9dda0ee8abd1153641853a3ac0933d1dc212bea2ac669c1b164322854fd85beb898075a0b252a728bbbe80bdb7bebe81f0af02930b1e43184f3471c263eac934d96ce7bb49d5be0f1806c297f98fe19eef0bd8e12d8c94896d1dd7e5e40a971ad6a9433a650330e384c7db009c5a44c916355f7fafd29f06667fdcaf90487b03e5219a22ea9ae8ada9be7e9f25f8b9a071443b56ae741b83149a10f3a1af7b3a031319cc43a51483d0f5bfbc185c355b8a83723aed0f91f721da302f5bdf93a9b9ea86d40ece07dddf4028dbb290a12067e8f540b855a54616b4a2ae71ccee6c630feebd8192d98149c6f76b06513b7a02e3e425d6ede8b4856d6e50ddebd912c2b0ffd1a94c73ca1fe2eca0e157d534e57cf00db3fb204a9460bb5a85f085b1ec3449cd852d65f360309e5ad11150fe0eddff991dd139f30ebc74cdc2f579102b0802f26d364eb26e0d795a6ab72c552aef53901c4e09cfb13cbe5a3b8e6391c4b910a269e82da9104e577e250f082084462eb019de4529d3aef7de8431a7c2baf97c15dd2d23e1c4ed73e7332ed92050726bf85a57781085816a5b35c26696c2fbe2ceec29dfa2bbe00160a51f19a99e2bfa0dd05257acbc4df5340d3d8b04566256ee3d949fdfc71de733bf7dded7da0175f8380ab89f3c40ad61b999ea701f0aea4458a874ccc241a57e7906d38825120a72e25fcbd103b214ba50dcf221a64a296d5995db4966537ae0f425942a100af652695fd894dd1c9997816944425e02dfb72191beb10ed0875cc3c60f6c5dcf9b198d724e07d2a0bd349958fc6b39f13371bdefa34ffe285a69b46d29aa1dbcf366542130112eb8c71c688624ca3f29d7ff7131744b54eb678efd78ac25a4736bcd19060333ec32c3a74680fa81b109f6d112c10700e8645cbf9d42c39871bd9c87342045631636bfd7c1fc53a28d383db5de08569017581953db27614592abed104b70b33cc093c5e57b3c39e042e1666f110135ec74875e818e4206a149b5e206c0ccaaf64fa3cd777c3a81b4096434608310a8625daaefc35a634a5bc44a5198b8743b8966e335572de440d69b4eee4e17f6e39cd6c37e2d1686288cb51875167cfb9cfd239682d6c087df4e14a6df0510612da7e505f85c282289bc3b5353980cd6d7c575a17ef919b222627c3c8d2cac56f387ceca1bc385d4d30f5f2e171a6f96a438bd5c8928458d7fec6b1d9e9ca2c7fb50041b59a8744dcb1a473f378bea918c18ac0045fd7f833a8869fe30f0ea7ef963648a8da4c8978f096fa0a314b25cb405cd5d321fb51652eea074b009bd82d2a3709f811a9efe518e91d0d859f3d7d807dcd5b254d23eb9260eb35e56f86919c37b1801eaf4735cbe3661a1703d562b198b7c65d2c33614c19ac5cbbf33e4ae6fe3c38af0a6555ad23"}) 00:40:02 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x1276, &(0x7f0000000480)) [ 129.602259][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 129.611005][T11523] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 129.613569][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 129.651350][T11523] loop2: detected capacity change from 0 to 66 [ 129.659190][T11523] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:02 executing program 4: syz_read_part_table(0xffffffffffff0000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000240)="020182ffffff0a000000ff45ac0080ffffff0500e931190000000000000680ffffffa90000000900000087771f72003007000f00000000000000008000ca55aa", 0x40, 0x1c0}]) syz_read_part_table(0xbb, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000100)="3e63b20ec7b79a647439a5fdbb60a93e36ef3df22609cd5b9d96859397e55753e7a2d124c9a1936c80c29ded9334d56b67dfd39ef1ab7ef07d67708f8c6906b101eeb17e38cd233bb1918516173ffbe426696c84e2df71e46f1e76d2e7ea36c02c25b0a1dc28037f6779720af5f6f30cb30447162c52e75f1542a51e40b2c9914fbe1386eda5b623b30eea5f146dc02da23b76c5a9e8caae589e", 0x9a, 0xddb}, {&(0x7f0000000280)="1f362ec1192a512ade3263d4696d1d91ec36a2a3d6bf23b9269af68a47d951bcc921b0d21ff2236c41cda885fd884bff5479457fd420e4eb7ce8940998c248cc2216824c588051fa85726cd9bb88d459aa794ead7e9baa3e9af4080d0749a373fd514172c96ccf82e69e4bf51fe247f3712c97abe7ef476e92e2e8d69d89bcee43ab391ae7a1b970103bc906a2ce50fae8a735c917da88067a6bfd1119c0b4489130c0e3b58364872a288d5154634b780c0032ea65556c32f36983a0154943ce98fd716e11367a8adc49a6c02196d3f64fdd3a94d5527029ae8affc6da2f145ba0c4d4076af60f8949", 0xe9, 0x5}]) syz_read_part_table(0x2000b, 0x1, &(0x7f0000000000)=[{&(0x7f0000000080)="cee35c4e4ac14cce2803dd7c0e04770054d6b12587535f79a7b35dbc41546e42e940549391aec516dce4caf2634ba50f6161397f65a9803b9b59dc242106e044db23885731dad2a3f5b6cfbd1814215a148e50125fbd82d8d20e06e34d419732", 0x60, 0x2}]) 00:40:02 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:02 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2201, &(0x7f0000000480)) 00:40:02 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat(r0, &(0x7f0000000140)='./file1\x00', 0x80, 0x81) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000360000001900000060008f000ff68f01000000000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001", 0x4d, 0x400}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00c3372db7d4500b2df6044c77350172a1beab7e0766e9d78417758625fc659f0dc252668968c7637420a0105948842cd822911deb814d344065cdd33ddb0ee951cbd20835857ea17b0dff2f402531ad0674d402759b700ab72eaa0df47a961f0537cf2872099129000000000000002a5fe8f5a5eaf70a9ce8c11900c8c175293024f0d3f5798894b3db7cfec1cfb4210649e8105463b82f7dfa39acdd33605142668920a1500000"]) 00:40:02 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fe9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 130.133521][T11564] loop2: detected capacity change from 0 to 66 [ 130.140342][T11566] loop1: detected capacity change from 0 to 264192 [ 130.140769][T11567] loop4: detected capacity change from 0 to 264192 [ 130.154091][T11564] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 130.163981][T11566] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 130.231465][T11564] loop2: detected capacity change from 0 to 66 [ 130.239227][T11567] loop4: p1 p2 < > p3 p4 < p5 p6 > [ 130.249940][T11567] loop4: p1 size 11290111 extends beyond EOD, truncated [ 130.257439][T11564] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 130.259421][T11567] loop4: p3 size 1914664839 extends beyond EOD, truncated [ 130.274755][T11567] loop4: p5 size 11290111 extends beyond EOD, truncated [ 130.282933][T11567] loop4: p6 size 1914664839 extends beyond EOD, truncated 00:40:02 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x2, 0x0) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) 00:40:02 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, &(0x7f0000000480)) 00:40:02 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:02 executing program 3: syz_mount_image$vfat(0x0, &(0x7f00000076c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300), 0x3245432, 0x0) r0 = socket$netlink(0x10, 0x3, 0x2) fork() r1 = socket$netlink(0x10, 0x3, 0x2) r2 = fork() sendmsg$netlink(r1, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01, 0xee00}}}], 0x20}, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x401020}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@rights={{0x0, 0x1, 0x1, [r0]}}], 0x20}, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000000000)=0x6, 0x1) openat2$dir(0xffffffffffffff9c, &(0x7f0000009d40)='./file0\x00', &(0x7f0000009d80)={0x0, 0x0, 0x3}, 0x18) 00:40:02 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fea, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:02 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x101000, 0x0) openat(r1, &(0x7f0000000400)='./file0\x00', 0x0, 0x1fa) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000002, 0x12, r0, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040), 0x6e, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/51, 0x33}, {&(0x7f0000000100)=""/114, 0x72}, {&(0x7f0000000180)=""/3, 0x3}], 0x3, &(0x7f0000000200)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}, 0x40002040) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000340), 0x127000, 0x0) sendfile(r2, r3, &(0x7f0000000380)=0x4, 0xdc1) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:40:03 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2203, &(0x7f0000000480)) [ 130.447950][ T1040] loop0: p1 p2 p3 p4 [ 130.452897][T11612] loop1: detected capacity change from 0 to 264192 [ 130.462491][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 130.468539][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 130.476597][T11628] loop2: detected capacity change from 0 to 66 [ 130.487677][T11612] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:03 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x18, 0x0, 0x2, 0x401, 0x0, 0x0, {}, [@CTA_EXPECT_MASK={0x4}]}, 0x18}}, 0x0) sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x64, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x20, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x1}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}]}]}, @NL80211_ATTR_REG_RULES={0x24, 0x22, 0x0, 0x1, [{0x4}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x2}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x5}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x3f}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x64}, 0x1, 0x0, 0x0, 0x40010}, 0x4000044) 00:40:03 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(r0, &(0x7f00000004c0)={{0x1b, 0x5b, 0x0, 0x7, 0x31, 0x31, 0x0, 0x0, 0x0, 0x6d, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x2, 0x81, 0x1}) r2 = socket$netlink(0x10, 0x3, 0x2) r3 = fork() sendmsg$netlink(r2, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r3, 0xee01, 0xee00}}}], 0x20}, 0x0) dup2(r1, r2) 00:40:03 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2205, &(0x7f0000000480)) 00:40:03 executing program 3: unshare(0x40000000) r0 = socket$nl_route(0x10, 0x3, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x2000) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000000, 0x870, r1, 0x69624000) sendmsg(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001700)="5500000018007f5f00fe01b2a4a28093020600fefe000001080b00000a0007003500281e14000000090005407fdeafcb634803535631a1a314ba790695cc8941f1e1fe2e0f6ffcd62a77fce42180ef0050ecc427fa", 0x55}], 0x1}, 0x4000005) [ 130.503731][T11628] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 130.519328][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 130.539979][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:03 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2270, &(0x7f0000000480)) [ 130.586662][T11628] loop2: detected capacity change from 0 to 66 [ 130.596265][T11628] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 130.652362][ T27] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:03 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) bind$unix(r4, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) 00:40:03 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = syz_io_uring_complete(0x0) ioctl$TIOCL_SCROLLCONSOLE(r1, 0x541c, &(0x7f0000000040)={0xd, 0x2}) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$tmpfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={[{@nr_blocks={'nr_blocks', 0x3d, [0x4b]}}]}) 00:40:03 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2271, &(0x7f0000000480)) 00:40:03 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:03 executing program 3: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0}, &(0x7f00000001c0)=0xc) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in=@empty, 0x4e20, 0x4, 0x4e24, 0x3, 0xa, 0x80, 0x20, 0x3b, r2, r3}, {0x100, 0x2, 0x2, 0x20, 0x80000000, 0x2, 0x7, 0xff}, {0xffffffffffffffff, 0x4, 0x40, 0x40000000000000}, 0x81, 0x6e6bb5, 0x1, 0x1, 0x1, 0x2}, {{@in6=@empty, 0x4d2, 0x33}, 0x2, @in6=@remote, 0x3507, 0x0, 0x2, 0x2, 0x5, 0xff, 0x375}}, 0xe8) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_gettime(r4, &(0x7f0000000040)) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r5, &(0x7f0000000000)=ANY=[], 0xfffffecc) io_cancel(0x0, 0x0, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f000015a000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0xe5e40000) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r6, 0x0) preadv(r6, &(0x7f0000000280), 0x2b, 0xda1, 0x0) vmsplice(r5, &(0x7f0000000200)=[{&(0x7f00000000c0)='`', 0x1}], 0x1, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000400)=0x0) timer_settime(r7, 0x0, &(0x7f00000000c0)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) 00:40:03 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5feb, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 131.282320][ T1040] loop0: p1 p2 p3 p4 [ 131.286380][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 131.292391][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 131.294765][T11700] loop2: detected capacity change from 0 to 66 [ 131.310060][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 131.317494][T11700] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:03 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) 00:40:03 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x150840, 0x0) preadv(r1, &(0x7f00000005c0)=[{&(0x7f00000002c0)=""/78, 0x4e}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/30, 0x1e}, {&(0x7f0000000400)=""/136, 0x88}, {&(0x7f00000004c0)=""/185, 0xb9}, {&(0x7f0000000580)=""/34, 0x22}], 0x6, 0xbef, 0x10001) mmap(&(0x7f0000280000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000080)="eb3c906f6b66732e66617400020101000240001516f801", 0x17}, {0x0, 0x0, 0x7ff}], 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0000040000dc5c00c10330b4ece457b526dd9d279f870e4f7d8ea57861acfe2f91e885b965b7da3085fc2a3bd24179436b19eb547907fe500334d3927e564731485211c3d2e957080076f797c9846b2da76f0a4c8d9469e3bf15a868c68f3cbe181a52236075097608249ff7a0b8ecc8abfbfa222053290000c2f1187030b3f69132464115e6ddd9b599fc14fc0d02a858d009ee684a058e18d829428d3d2782c945c030839598c35a1bf0bd35084d359c2a6135287142c4204e6e1fad026ac7ccb4bcd572089c257034804cf36582cef11a9dbee3ad64ce713b49f6ec6eaf27d719ade7950056f9e191568e93dc422f7ee035bf24402eb5961f987aebfd5eebed471f561a5a95fc93312e6704000000000000ec6f7d4df7"]) 00:40:03 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2272, &(0x7f0000000480)) [ 131.318217][T11704] loop1: detected capacity change from 0 to 264192 [ 131.334401][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 131.351542][T11704] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 131.351710][T11700] loop2: detected capacity change from 0 to 66 00:40:03 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}}) 00:40:03 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2275, &(0x7f0000000480)) [ 131.395182][T11700] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 131.396725][T11719] loop4: detected capacity change from 0 to 7 00:40:04 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:04 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}}) 00:40:04 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) socket$inet_udp(0x2, 0x2, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fec, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:04 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 131.441649][ T27] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 131.510162][T11750] loop2: detected capacity change from 0 to 66 [ 131.528165][T11750] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 131.541537][ T1040] loop0: p1 p2 p3 p4 [ 131.545521][T11762] loop1: detected capacity change from 0 to 264192 [ 131.552980][T11762] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 131.553526][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 131.568217][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 131.581647][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 131.590948][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 131.611017][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 131.622083][ T1040] loop0: p1 p2 p3 p4 [ 131.628441][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 131.634477][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 131.643026][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 131.650967][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 131.673628][ T1040] loop0: p1 p2 p3 p4 [ 131.677696][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 131.683702][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 131.691371][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 131.699001][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 131.726420][ T1040] loop0: p1 p2 p3 p4 [ 131.730466][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 131.736486][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 131.743888][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 131.751400][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 131.767731][ T1040] loop0: p1 p2 p3 p4 [ 131.771860][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 131.777830][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 131.785765][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 131.793604][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:04 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f000099e000)={0x2, 0x4e20, @local}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) socket$packet(0x11, 0xa, 0x300) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x40) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, 0x0}, 0x10001) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r5}, 0x0) fsmount(r5, 0x0, 0x70) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) recvfrom(r0, &(0x7f0000000480)=""/110, 0xfffffe32, 0x734, 0x0, 0xffffffffffffff39) 00:40:04 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000200)={0x5, &(0x7f0000000180)=[{0x1000, 0x1, 0xff, 0x9}, {0x6, 0x20, 0x4, 0x100}, {0x7, 0x0, 0x32, 0x8000}, {0x1, 0xf3, 0x4, 0x9}, {0x8, 0x8, 0x3, 0x10000}]}) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, 0x0}, 0x10001) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r6}, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r9 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r9, 0x0}, 0x10001) r10 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r10}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r10, 0xc0502100, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000100)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f00000001c0)={r11}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000080)) close_range(r1, 0xffffffffffffffff, 0x0) 00:40:04 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:04 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2276, &(0x7f0000000480)) 00:40:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fed, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:04 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:04 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 132.185815][T11812] loop1: detected capacity change from 0 to 264192 [ 132.197667][T11817] loop2: detected capacity change from 0 to 66 [ 132.204350][T11812] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 132.215543][ T1040] loop0: p1 p2 p3 p4 [ 132.223512][ T1040] loop0: p1 start 1 is beyond EOD, truncated 00:40:04 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:04 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2279, &(0x7f0000000480)) 00:40:04 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227a, &(0x7f0000000480)) 00:40:04 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227b, &(0x7f0000000480)) [ 132.229557][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 132.250660][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 132.269187][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 132.269537][T11817] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:04 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227c, &(0x7f0000000480)) [ 132.343934][T11817] loop2: detected capacity change from 0 to 66 [ 132.357057][T11817] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 132.363731][ T1040] loop0: p1 p2 p3 p4 [ 132.372590][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 132.378607][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 132.386663][ T27] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 132.397018][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 132.420713][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 132.472055][ T1040] loop0: p1 p2 p3 p4 [ 132.476553][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 132.482579][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 132.497525][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 132.505976][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:05 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x135807, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x2008860, &(0x7f0000000040)={[{@barrier_val}]}) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x7f1f8672, 0xa, &(0x7f0000001700)=[{&(0x7f00000001c0)="45367ee8640aa8b4d0da3ac950a5b384f186d676479226b00eefc5070af2861c1c412c7bb870400ec7d01a72dd506cca4df30b19c517234bcfab62da6f765ca926d55152a3ff41a618d8df0f447b5d55668c32595af48f6b618259d9f4a308be53704f3f943b46", 0x67}, {&(0x7f0000000340)="ec3d065c950b08abbb08bc8092b5a8604e808fd64ec6846907d98ccfc535ea72f840934888f352dc815f61e6012dc3798d724dd8124e6306bb9270a493a8d67865039ae87e20469712105e60395b3e8f961418874c5fbb6e81e3aeaff4895dcf6252658543222c5043033001d4a281fbe02ff0c3080deff8334df23d547bd1233a226b5cc3cd7cdccb63ff0d70e7937892c5743c74c9ea4448f95be78698b02f6e181152c4739a76c8fbec117904e71671e463019a4f957994aa3324c04d9a346bd2fdacf156cf9c89442e0c2adf0e80fe46", 0xd2, 0x20}, {&(0x7f0000000240)="4b5313b48c265a2e75bd7985aad7e3eecf9b65af5ecc8c576117b7892e282acc79e5ed15a594f51566c3e8e3734cb04440b64a6bcf65d29b8738abb073d6b567ac4a89f85bfa71b90dce3bd552aa034645", 0x51}, {&(0x7f0000000440)="9d2896f6bbab5d2d476fde25b3d0de337161a75892a4e703f1db81ac80e390e6c4a91b7898d3a1c8b21a1464de820ead8b5aaa5e74913a5a94377b7a3935c53b2ee77abb387ed71c456d32d52ceb9cdf604de13b464263a13aa8867b1ddbfc74aafd0942591d785db40444aef09174975e916167bc7129c71c0b5f5bbbb8f1b0af958ad1535414c6552f439514b2f29a163c30956abf7e095ad88e24ed530443a571f8204814fdaf4d734085097faec82a5065a8e43bc4c35e6d72dd", 0xbc, 0x8}, {&(0x7f0000000140)="832d5ea8bd2998ec0a62e3be132dd85e4ab0de36199180efe09bc2b13741e17c5923", 0x22, 0x1f}, {&(0x7f0000000500)="b2c5a6a1fec3d4bea660ca86baff540421470b60713b17f9c2dc265452456fcff1d8eff7838b86260de0872163822e71244e82b0f6e29e42375d9d5cbd5499beeaec7bd0b2c734a18f225a67c274b25f12e5fc52de14654e1e0a20ca22ed7279c90ec3213a563d98dfbe1e7231ab639f3975f1aeb0e8f6d9b20834e27efee12076e5f3ca44a0546a7bd8971043d44405aafbe4be4ccfe89f1fd9bba6692fbe0e1e76f4d1c1db155784169bf7b13f7643a2b5a3242c29c8b7b2bc5ed6aab15e0fbe610673eed5ecab140a203406b817cef4eb3cf33baaf0de97ab4af71da24c7806be5520f7984c284bb9372e7f037c4746c0ad7d6dd8de5a115adade1b244b6dbf5e2897b118e268b020ac3ec014991d56468a40ecc4739610f2b4dd3b4626ae32970485e51b12fae791778b04b012fc2753efa680b1b3b0f286c57536081723878a126b94692f4f867814e8c88db96b5972252781259dea083c6ce4601d6f24181fb3372730be68956318eadc9b78be3567365a18f5019bc6262dfc97e47c41d2aad69906438cdedca4e3b58ffee271063a8f0e43dd74f6332ef2ab75215752b335558e1cc16123fab3103721a26484494d5e6e8dfa5aec73c984cecddd2a122302038460736b2b59ec64e451c78c5b84695f0fb548f26409c90f65e3f64a8b66537c9d5bf71b1aa5b4b7a952d95a3e29b553dff14bed61efa0e87ac493b56ee15dfdde12d8975d646c336803087750b165cf21b8fa2ddf18fd93edc3ca9447e68197efe9d1ff37596e5f27bb9b3b923fdff52709137abab8112a64966794d110542b4ef0308feaca8306b555d2cbc85bc86c8fc4b7eb42d1e62ba8839f276c31ff1324eb56e4444ad3c226e3b521916b248024723e298144bbb86a304c6b6a96245eb9e69e1b0e7c4d48917ec556a090555bcc7ba585c43b7a01a00928bccc5d810b41d5777e04188e96b52028806937af8734a281107f2e1a7e3324941c2d920d6f98c5cb9239ab913cb57a307d648715b1b36c564c1e338dcee3e332e702417834a3b00ab26e3da0d9523927fcf4874a11c86d44973af3615a21d811e779b41d8715bb07a371778b989ab93ad7582485822907db90491ac242dd19621836b1b7d8bef7a5a641ea383299a5db9989322275d299daaf97e3a4657cc90814415094ffedc0553cc574ef40a96712aeda91bed29827cf8ba145a46222d9a1408a2683601ea7a7209b637d25ecbc1cbd7db3bb4000e85fecf437ffb0fe6d0a63542870a9653f85381112bc47bc1b424992be86cbde6a994f0d9541c37f9a95e9dd2aa2c0ef36aaf50c3d4f62c92ec394163e83a98d67736287408472f6d38f4d9989eae6af6461eaa5e347055bce9d525194c868878dc7665860d98ed399f671500e5eaeb8f7f93429c217435ee2c5a3ee3dd08677802500e59d304b4f749079af29dcd92d8acf6891ee04987cc33d9530c6128c150f15f4163bfb5a6578e44cfa5a2709e29c7307e9357ea794a5a6be9d9f10c78d06e90aaf0af99d1590ef66ffdcafc0d0c9b5f5554b9a4db85624463ef6a474f139adb72c665d6a043d1c8190378e9ce570be2cef0d780c662b50f1f1eff6a51918d5873899f66be8b65164a4fe4aaa2ad1e896466396266c9aa89da3331e98b379ba40f0233c20de24af1359e6e9d5bb0ffa841a919bf71851655e44a5973185a722edc6f368f7e6695530c51652a794e44bb8ac5a03ab56abf521b8be090f59ed8ee22f609bb135a73908e876f3824e25a9d6e3a6a86a0d99f09701a5692a2a5e7dbe70a3c3b84d879f91017049125cefff2a187333e66b77f4f9b15eb1107baf9a4f96ac6c38bc10e06b273e36aa52e0a24f9fa877b1d495f549d40f0cda7638e9923b7704628ac78da8ff15d3b47898b958484fe44cd63c8de4ee4aed772e1560efe9b6a6bb26c93d9dfa5b7eba30f8dc1e2fb7fff7243e1474a515bab7a4c0000846b2505626c84487a3a9c8b49cbebe167170cb9010c44fda97c7741c4404807f7aeac913ef75afeaee38320b5809b580b4e063e688f0d28aa518b982fc8a9b9bc9bef4bed0b991ef84c806b5d92cc7be51441855b40227d3e380565290f3d040efac0b0119600f494a29676f4fde269ff5eba857cd78f1cbc66e41d2ece875b66b24692704a283cdc2a4665961d45389fbc0068de6111bb5d08519d77ad051866a9de62ab9fbc48e839c456075dd993f32ddb2c7075a623200f0a6bd381947faaf78364b4bcb07455732bec4d2706d125452ba63444f6b7be6d09c4b349e989ff5799b33c067b63c0eca231b02fe7df2deed4f227f645e6e640de893ca46ecf25a2a116570098b0ecfcc1f9c5418c7ea3ec559e4fbcc87e126b47056bb86c96e216a0ee021002a4fb6468845e6f9f9d5cb1538816914bbede192ac244405c0e1e7114a6723a47263c233b49ef3bbb78aa841cb5ae921ab82df7a6d1fceaeb3ff5747af010b0667cbd22e2b8024788a16a386d2789bc2fdb37c68c11be8091e17c3320c867c7d8c4ab2af43fde1e66c8f48071c81786901c87359d6ec0083c2197d64b8ecf63b41e1cb222caebbc688fee16e493cd6ae1d7d4c8cab9f4e03bfc9a0cd8fe76f40624ba8f372f5e3e1f02aa057e343e53b6209ebc15ce8224f2edeb5180a07eae3e06dec30e3f93a33c8b112295f07abb461679bbfdb9fca9c4d149f4a260c325fcf86ac9ab83a746c958c9ad1dce6fa65525f1edba795d53eaa03614327e3ac897586f7fa68e9ee74de11bd05b6e51caee51899a4beb65a47e8e28c71d15f4aa6b2b6495f4ddd1d2024ef99e6096ea6371817797ceb595ef3c3fe3cf998f2232da84e2ba72f0ade8cc5257022d8c0c55be0fe92464b6f85a4f704006c99c2ed4bacecebaf7319249d89d3f7261894774e0731626b3140887c82364e3dc5ec3b095985907a0eb018c741135e95b96cef1d0e25612174bca18b0678aaed6f629de5f767a7b4fbfa7d74a3b4b549255c60600c28baeac55fde58985c4f0a7fe7e6680924ad521abebd76d92a9ebca5f1190598b1f205075dc98cba324ef95318037042e404e11f517c64dc80f251122d669591cf765358f054bb674405d11d27b102aba991dda079064350fe551ba66c3217045c5794459d878713d48a5939774cd3ebf3e3bdc0c0b5d83ac6d0db9350c3a91417c331f317230a137e1aab4b79783146e8e49819407126de01c495dd94beaa0fcf039cfdea90a7fbe6907e02fac1f0aa97451a8b31687e7ac21a39ee03d6a9388d7e97d4b81fe47f70e5428e3b39e9b2c965170924fb3f072a781998af0de78c3800fe99dc5eccc7985b0e96c57256e9e0548ca298352ca2aafe7d660b259b9874cf69cfe3039c8c66e6c1cfa2daecabbfd7fee7a7464be7e1646b8cf751e7307c7d843e1b417f90568e56a89b2d5ae664d31fb4c223528a9ca1983529c720ee8f70af806e553b2d7d4e8239826ec8e03ac3e9483bd144e6089ce8140262140b976beec5c3c9342206166023904f1385f08c3a8d80d14f3826feea60e52bad3b87b2bf5c8a5d03ecd911f6e8c6b0922fc1b27c6c6884b896ae50f69246dfca9065c38b2eee7e1b293f44ec788a1d343106c96c86ec5e6fb8b8ec47631fa9a608443c03d1e57951610634eb9839aa885f81edcc74f1d943d41957eeb1347352012b4651706818be3d4323100cbbdcb536b8e02f08776924f137bb34cf5c2053557b279ffc273d2d31a31798405356d28783234383f3818d6f848dff5647f0e11e0e2b093e6f24c881361e2a58c801aa6dc1f68c3457e38393eeec48c398b93b80488548db564e2acb358910fbd30fbf8795436ca9fde3f8f0e2c674df99e27bf09a25884927936aa136121bd0fb6a6b38b9e986ac8239a25fc0c2bc523d96e7c477f69397570c8c82871f520263566e923f68d211d8ef3a84df2b24234e5c4262a6140a6cc024ebfd9b7f6d1e43498b74224264053432cf1a7f5beb58aba22290889b0f090d737244431226beb0f39499ec01fcc486bdb31831e2c83c5be2bfa023b3e1e398fbecc1efc4a3682965ba3ae5c35f91e28ef7c002d901a5ca66ec853955dd19991f640b82b6be2e904ccbea9a96b2d165a6b8f04bdc059b17fd8f5f061bf8fba2d800fe54c61b3b9031a3ab8325352e39af2bf3f94fb6d965af8de26dbf90699323aa1ceefd830d36eea21cd4d528e11182f0d4c9b3ef1c206ea83356ff124fad9a6f5fd7a49616b9868e3ac8980d308f727b4b05a19e1321e29be8b63d27a1ee02caf9ee176b587f987d4b9896aa56bbaa9728231f557cca8344fd03efe84066141db7d26164a692173d7d25905d453e050af39a83946f80575422df110728ce6854d531e07f7ba7bf27131cc22990db5dac98422d720be95e2e1b4cac5d87228aaa8d2a28ca8fecee1280529f1f496851919a12e557ea48f3f61ffe70f24e10fdb83605ee528cc3ff97f24ea6dbca7808d81df7c919ded737550f279e67984ab607bf2436743e45a05c104dd290e9d5e6ad195543784faee232cef1d4969d47f8ed6f170a5c72b61be546c39cc808d3b715e2d723ccdf2d89441e4474d24f1f3eb494eb62f34373f2f52b579a8206d13a09f3ecd6fbdd079aa49c66d2d77d5458f4b1692ffa6614cb4f5cdf43717f857195b9e536db0411bb18c5d1e07201a4e575cdb2341a288b890ada406f98e6235e04ff7d4740fe890d08d8a2aed984d9a8a64006b5548fdaec900e0c66bd8a6271c81598ed32bc128f839e0ab05a809d67e033b89430d66158f06e841fbd36775c0e89b84e4c19eb2f51b9945c0ce06d534f2d1a7f049a33d367186263762680df183892f046fe2ee58f1f8e5eafe93dea4d1b301d87c9d16bd142102362ee55fecf39a2ec73d021044080c42eb628e5c1a89cdef9aca2b5681c17925066792c3eb9ef4919af26d8a2a01f9ba0b6612738c2979895515d2bf974deb4f64537f6d72eff70f1fd0a400252fb474f9625dfd1395eba07118b0faa4527c29b01102c7f4bed0120086016a2aebc1c6fad04a22f8d84b6684311f3b4d7ed9bfac1838395ba3f80a2513b9633bd61d953bf468193bddba4145df9841748d170afde68f655f3abe2a5c8757275d5464b3407ac8c2c6ab62c0445b1548fdb1b35b506152b359003530d10fb59a656f35d6c5f234a9413e1ea1cf4de3028ac7749f2a24ae57847e9b1aeee84f287f6472a6a8b458fd4b54918116cedbd55f8ace2b7ee8b47ea838f49a2297128ff871eee6eab8478008bf9616d7b60bf33859220e4781e79775cba8235e3f495ab881b88859e7677e575bedd9ba572256f95efc5766b2f6aff56ba60b273289481089b7c1b8e90eefd965236e53043ab9d139fcdd7396b0b8ceb8ea23356c06e417937fc5939480919ef63f75d92be7bfbe87159e47780bcb81265a78247719b37d21b626d4ae0c13729a5a174e6c42d8c5f14fb5c5990818a87aab29ff1659428b3aea3482c32c0eb075ddadc0bdd41c1d2b48abdb38d1d22e550ec0708576d6d55adfca7b6abfba00242386d359c8464809763f55383824f9491282b1b7deb39004f2523767cf28cb94e9f053ec971839503ade7f4edb657e94e374bce7e7c41f4025c3d378cf2271d3b247a788bc9186e0b3daba422e187894347ae86678f10ed1aef2cc4e672c8a4773986d016c8fdc4ea7effab1f568f1e07af239ad457b58f234e7560a91ab71b86d7e87c459465c319bfdf0ae48ebd36383fa9b65148eb1ed8ce84001e2db328ca884ed50c298b590c8862", 0x1000, 0x99}, {&(0x7f0000001500)="6a611c1b831210469fb97e50abfaf9df736a0f168612a8a440b7f0379a979f7e26c78087a76392813862bae941b1c32b0110d950754aa45959b20cd8097de33c227ff07eef2437c256bdaba79cb83019fb0b455bf0a7bd2b3940b5e082e589a8cbd041c65aea233cd417402b38a585249f95330a71ff048c6dd1e6379cf3687bb03f46ca", 0x84, 0x6}, {&(0x7f00000015c0)="0d16527cfd230d585c2ab8625263c1822b70483575d2311f0ccb789dcfefb6f568", 0x21, 0x5}, {&(0x7f0000001600)="88370c9177aa5fbab25626280bc39ebf45ee5409443af30cd836191c11572a506171da3c00a7939d4664290159a4451c83b1876a6483e51ab798a5bb", 0x3c, 0x80000000}, {&(0x7f0000001640)="7a958a6daa006b436bb7b1a6e29127d9494cfc81e6d42219aad9f60ce0fa7d3fb09e0f38b15e6e2174f473ab92a2a138933d4e436e7fc7e329c4da1f557f9dfd8cc54e498b750883994389114dce84ed6273a26fd0670fa2b81e6761d8d49cb87e0ecf104f1e00a2b432de60bd5ef19eed716a5b82f6cb4dd6583056c2b744b3bd5f9eeaded797ebb8c848e2adb92b374d58d9431278ff45bc7112fb549eeb42b1a4", 0xa2, 0x7}], 0x1000000, &(0x7f0000001800)={[{@prjquota}, {@commit={'commit', 0x3d, 0x5}}], [{@permit_directio}]}) 00:40:05 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:05 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:05 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fee, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:05 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227e, &(0x7f0000000480)) 00:40:05 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0xbf, 0x4) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) write(r1, &(0x7f0000000200)="5453fc7f119f0ae69103bb2b3bdf404aa5d905a9988d9115fe887e9dc97031fb006b878df862a98a9e5b7ef6cef0197561408c79518dce38fdd7e547957f88a6b394d4cbbfc5da38298b69b847d3153439f708f42adba28ebabf0d6d115f2ff730441a64aa4da219836d5f405f190bd79c3928adf7bb7d35b9f908", 0x7b) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) sendto$inet6(r0, &(0x7f00000000c0)="044aac2f202c5feda71e039a57a93088fdcce4afe28aac61837792741a190670ccbe1a2b00aa77a87d56a3f12c7920ad02928a5d1014e5b896f000fcf6521928480be9af82613a5c661f4110adba358afd8b5b4ef1702051e393ede2698112a1f1bdf1d0f568546ed322ab4c53545bd2cd6e48522f0c154cb3c6864dc30ae921db100f1ee97a234503338f8fdf356472da0c7ab62f274f34", 0xfffffffffffffee0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) r2 = syz_open_dev$vcsu(&(0x7f0000000380), 0x2, 0x2000) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f00000003c0), 0x4) r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r6, 0x0}, 0x10001) r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r7}, 0x0) openat$cgroup_procs(r7, &(0x7f0000000340)='tasks\x00', 0x2, 0x0) sendto$inet6(r7, &(0x7f0000000080)="baa1040f51c8083dfc793ade7e556229b3695cf24dd56a27fb10cd1fde3832a7df198adfb725a23f2ffcab0cc87f5f562015b61583e3", 0x36, 0x4000000, &(0x7f0000000180)={0xa, 0x4e24, 0x81, @empty, 0x7}, 0x1c) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) recvmmsg(r0, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000001440)=""/4096, 0x480}], 0x1}}], 0x1, 0x40000122, 0x0) 00:40:05 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:05 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227f, &(0x7f0000000480)) [ 133.145124][T11893] loop1: detected capacity change from 0 to 264192 [ 133.154548][T11897] loop2: detected capacity change from 0 to 66 [ 133.167816][T11895] EXT4-fs (sda1): re-mounted. Opts: barrier=0x0000000000000000,,errors=continue. Quota mode: none. [ 133.173102][ T1040] loop0: p1 p2 p3 p4 [ 133.184877][T11893] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:05 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:05 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2282, &(0x7f0000000480)) 00:40:05 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2283, &(0x7f0000000480)) [ 133.199290][T11897] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 133.211666][T11912] EXT4-fs (sda1): re-mounted. Opts: barrier=0x0000000000000000,,errors=continue. Quota mode: none. [ 133.223914][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 133.229974][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:05 executing program 3: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0x6, &(0x7f0000000180)=0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r0, 0x2, 0x4, 0x8}) r3 = socket$netlink(0x10, 0x3, 0x2) r4 = fork() sendmsg$netlink(r3, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) io_submit(r1, 0x3, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x9, r2, &(0x7f0000000340)="ae12c9f3cfb0d86bdea28c22bdb327c15c2b8d450a6e5dff462c22998672e76c6b802d14433a01a731d1820b697c9c24e13d462fd86a03310a6ef6716069195a565b275967b9961099dbb3b6dab78c6a72ad86c7517486821735192b15e2b2eed97fbb2b40ed18d1da4a14ad249c9699afa1eb73257cdaec77ec7a03d539eb74e81a3b71fd5f7b0b48fe740dc348657365033256dda904f22275f21456dfd7ba54397d167748e09ba10398fb9219be2c521384ea5931e2c1f5b521c4ac", 0xbd, 0x0, 0x0, 0x0, r0}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x6, 0x7fff, r3, &(0x7f0000000100)="bf9c186938d05f492ded18422d5e01819ffe0b147bb89dd2b77db88dd22018fc0c50cc88774fdcb2a0def6c3f13415369642e512a1261b7839c50f34740a8b8d7a20f2a2d8fb2f25a42ef9118ac8f5c4ace5501cb794176cbf12ed4f65082a22dc", 0x61, 0x0, 0x0, 0x0, r0}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x9, r0, &(0x7f0000000200)="83a65533085e406882c2dd833b56a6615c3ab68bfa88747f18af11a02229228871bdf053105499a3d360ae506c29e7566c42d32daa2b055f5d9b", 0x3a, 0x7, 0x0, 0x3, r0}]) r5 = open(&(0x7f0000000000)='./bus\x00', 0x145802, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000000) dup3(r5, r0, 0x0) syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, 0x0) io_submit(r1, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) [ 133.248137][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 133.266473][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:05 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:05 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, &(0x7f0000000480)) 00:40:05 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 133.292940][T11897] loop2: detected capacity change from 0 to 66 [ 133.301328][T11897] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 133.346233][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:05 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fef, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:05 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 133.399557][ T1040] loop0: p1 p2 p3 p4 [ 133.404647][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 133.410737][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 133.419304][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 133.427546][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 133.427779][T11959] loop2: detected capacity change from 0 to 66 [ 133.445364][T11959] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 133.456472][T11966] loop1: detected capacity change from 0 to 264192 [ 133.476116][ T1040] loop0: p1 p2 p3 p4 [ 133.476533][T11966] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 133.481382][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 133.495171][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 133.505404][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 133.513279][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 133.521152][T11959] loop2: detected capacity change from 0 to 66 [ 133.528070][T11959] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 133.558271][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:06 executing program 4: r0 = request_key(&(0x7f0000000000)='encrypted\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)=',].#-.\r&\x00', 0x0) r1 = socket$inet(0x2, 0x4, 0x40001) setsockopt$inet_int(r1, 0x1f00000000000000, 0xd4, &(0x7f0000000100)=0x6, 0x4) keyctl$restrict_keyring(0x1d, r0, &(0x7f00000000c0)='rxrpc_s\x00', &(0x7f0000000140)='^@@\x00') 00:40:06 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2285, &(0x7f0000000480)) 00:40:06 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x2, 0x0) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:06 executing program 3: r0 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r0, 0x0, 0xc8, 0x0, 0x4) close(r0) sendmsg(r0, &(0x7f0000001540)={&(0x7f0000000000)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000080)="f99dce1a8682058541d744307305aab103fc225441d2accc66f4d310d9ac0f7929ded104d4dc7efe31e2a269ffab543cd69e552b794e3e4b62301b108823b7ef97e0", 0x42}, {&(0x7f0000000100)="c14e3d9e3d9f3ce78c148768daaaa0b46476ca8dfa6d0602de5b7aa8fe3835e7290bf4f90f064d668c993e979b07c64d81bc3c4d3ec1629c2bff926fa64641c2ca727ff44b5e96188bb82b430d88d132b09e7cf16ae3c9015c8a19ef1d3461a88f2da628c02a019d9eac5eb823a659f718b4b24b37c2b9affd07e8024f5cbd52de0eface10d4b290d5015cab1ec33d2f5acde89cfa7d2c44d834e2827d8437de27dc75d9f8b77dd2bf9e49aa03e8eff6c4eeed7df63cadff6d776ef0b2e822fc52e04cc77bae08b49dd9be9262447fdddc177ab22a435670d6bbd4e1", 0xdc}, {&(0x7f0000000200)="e7d310c0", 0x4}], 0x3, &(0x7f0000000280)=[{0x1010, 0x104, 0x0, "1a7995d43fd2e7b5fbb52ad1c85d36254c17f9935a7d256002ae3a3cef087dfbf3b11165b7c7986d8e9f0f423050548c475046bc3832e82bf5fd01787057211b4d5acfa266cfc4699de0c9f5de90ae1b3dcfddc06db0a7b730425dc3f9509d9398f157af63a0030807f5ad67c7f5a1d391280025ae14fdb0356856fa71dc033731b53a4af33f76a88dddc8d45308a37ca710e4a709ccb49bff6f0f6faba1431625f0ed3b746fb86b5127ac3d42c69a4e81024f0fb0a1735239c367fb6a6c62601b2e2bbfdc1327200c878723469c264b283381363573ed8f1e01520b4b1edb510ab8cfbe5c4d40ac1e41b3b1a8c43384bc8657ee81763518701bc2e96d1e4808b986179ca869a55d5f239b24751887f94eae8bbbe59657798be411912b293d08c445950dbc5ebf1efdd1c9c0bef58dbfd338e1856a62799c6ab1f35114dc1cbb811a61206848ac110ac702d554ee5653fef0c4ce4ebb0c9b08f30c42431cdb114b59e065e324a03e97c0733984478d3bd1382d3f3b77276be3b29662cc3dbf2ecdfe2e03030a8ea6af6e9d3e237cd0fd473703a0d78c7e0e4495a316560f44f0bb687281d3085e244145b0d23a1e213862848605c72c9bfb79daf9deede1428cb864cc516b3aba636f6d25108a97128a204630c85e8871df43b2e17e3bfb4f7283eaec31343c5bf0df7abfa4e95a19a962df6a5f935eaaeccbe27ee30b76add07f39b29cc7b658b896f453a1104a9321007104ea5b46b35061471392e9640505f08a5c8a285d05472b74060de40b760583724e49ab951c51814250a69cd66f40e9178e525c25365b84a4b5da24249ca406e2d181105ee0cd0af0bff447381270cc93c403a03670085132c4d4a07a41282944ed3ae30885a3edd1fd6342024380ede29de507d4e5b60af2f4c7b321ca067f14bb6736eb3583a4b0e60e9645981e5817da6a709cf61cee0d8a81a6052a82c09828e0317bbf8e669f09a922d7b2ba29ba33e9a6ca35a2f12741c1d38fb4d4b4b98a7a6568eaf0cbc66896ec8ecf44405a902308d531febc0b863587de77f6836792f6fde9d85b5feeea6a462d703e994f1bdecf4bcafb147820c1aaa6c42fd3ce49633e3b08927bfdefbd0e73aaaf502c30e0fd8266bfd8e86b592f10af2d3872c191fd16ed23497e7f522bbf5d80bd5231aa97ec423b9235f3f96ad05a2cc6410610c8913ea676468e23f86d2c562b1e7e79ebb6bb40f1a614350dcf32601f584faa99f8affcec62c3f0fddd83066dbe52a999a2268274b791bb58cfc117b9ce68084881704f67fd4408a3d0dc4c21e03424b0e2fd3f4ba6863afdec98960e1de529257c37ff0ffb50ce9e811676dca0fe0c05d2b9574fd9d98ef1b01383f257f96f61cd361854878a0eff93bd82d2e3bc8d85f30f995e68048b12bd8c177b43fb68b087e375945f22dd44cccf325ff6e866fe5c0d1aa010c025896865d2c21f55e20b6a4744d50d560ea2ed327d949f1fb49df89e7800a00d7a5521fdcbf680f48f696e62aa71b967a7547f82321825a3f6ce5906cc9e082369ac4468c06028b2c50942d80e1e1119ff7018a0da6579ddcdc62149d49bcae89f6d8c8f2dc72f08d9bf9e061c880439fe9a13d423eb7be277079e3fdb70f370a7fc74e20679bb08fd3fb6f3a8c5c55d2e92c80fab2e4720c42e7edcf4f41dd8692d4074e32ef262448291b0072f0b9bce730f5d652ad321865f95848831d4cff149dfa940bacadbe1148a76a7294c3d1b91343100668f3d01444684400b484e3d2fc99a3d968e4bf279bb77b34a44769bd0abdbe42e55ad6c04a7a3d1831fe1c8e26f4f90cb88d61ae1beea74b9aabae3fc3b228f8cf609fbad400c386b17ce2a9d56c1e7361e1a841d87e9693e6836fa0825653d2686a4fd649a6d1eb6f8eeef86cc75059aab1ca1dfa6b466bb887369961d8302107b078111d33eed863ed3c3a5344773a8afdc1b08ceb3c5d28a87f612173cdf59f810055c265ede05f35d690e49410d95ac0de08ef5c28959f0469c6759f4a059aa66a0e982f286ddb8bfc8ffedf4d6ec3457e8566c25533b8240d1d65a96a001ad6c4dfa3ed1a1ae4440a99da66f7cbd7a7dbb7e0e9171ebf5c4cdcecce517ff0c7475843b0dea5ebb0895ea524beacfce988582b596ec3e4f51f20e0c16bc1ecab2fbd577fac25ad07f73876942e902147ed3e83ba6b3ccd3ee7f4af9e52c31ca94dced9b153a4e9238ab9310be15e786666ac9e35961c0f526cdbd5ad994cbf2ac9f782c2147d143f449b8953ce08121ee54844710017ed8d533bb56ffd4fc82121afdecc155777badfcd2fcef4622655d13eb581813fadc4c75b0d8b1db13c7637a14a646b465e005dd170fe232604e877973bed1d0986c9bb2e8917c593338a3dc3994c160917c59f2e1d01954c80b6f6fe2c2901098f6b82fe09fc75a50c9011e0aa041c01d2421ad5e65875ed009862beb015a59a5e743dbbc72c95bf8a0f2855abee902655b9cc141b1d35fd2080ab32c78e3d2b0bce99a5efafe7a31ef93c6045eaa8a0916b87f3283ef45ae800f358c867f2acdf69ef383e4cf6dbc239bdd696dc4d7879cc4375ff43aa0f60caca86663423e868baec9e0c41124a52487aab14d2364aa0f33559757986f2316e4255af0e06b8c48dec5f493796b362f8df3fb2719932060a1b8a30ae6cb5cd39df3d8e8617aff315faa38f48b7c3c2b600b53f891832bc906e9cc72c0e8f92d4c8102fd10851c9cdb0e027c4d09b9044beb14e0dd87c9875b217f5d9716054fda8282eefb7ce805e6f01064d22acfcf8d804320b0164e6bba5e6428136f092ce50aedbd65144ba51a33c59b44e156e00fe3524adf5f4d03505124fd805f070580807a1c4743f2abf8031a36512d0939a8f4351efec08b7084e98852d0eaae89d8ea332ab2e50d4ae88fd9c923f0f21acd0a735e272d6f0e9f3c9af2618ce73ade19ecfadfafcc4c6a9304450b39ac6a8230e3744ea1f98e20981c2bafe0f33daa095f473962b4fb024161ae13b63ad612ba9c55b33a3c0bbc662e367d7c7fb502762ea2dae6670edfebb289361795f1af8a8eee23af0d38ddf2bbf60a7203a29629eead5952795197c444a5078bdaa5cdc5ae2344e1c911e593a33f5dce2aa859cf3224e25c609fba16777e329399176ad86f434372f89602b8ec00abf48f2de379d95b34abf29be06b36160326376da7f9b13472cbf550823243a8cda52fde5982a1231b77cce8b638e3a057b398aae1b9153c7cd9bf4c9ed9d3348a1a3979a88bb7c62e97b743a065884fad20b4b0a8e28b75eacf092ef846f46128f3fa7946b90bceb7cd14b2e95baf644d592cd9bf39d8d6fd440b690dab44d7a4de41b71eaea8c646ff5de3297e931ba5e0d08703ae6809d242796c7b35c451f3c236490b9e401b808130dbff3f4bfea33a9f1a936be4f37a62822c463fe0ec2a2c24429916edd12da93abb02bdb7cd1baf978a4d487612110462ada72e1cdc152aa2bfcb28b68e8fd12aa8d6da271daa94fdb89b55f64cb803bc01575e215d4a8f66360b43c1d0be43a357413aad787ce820ef3836716bdf6074f985adddf7fefd5484efa9f6c1ba8e67d05e85af90b187a97ac96e637eabe4fe270935967ab75c03722d64a710b865dea53cae3ea65e5aeac6faecac67dc7d0272a1058d9cbfb64d99ba95a0f08936752462bde139437ed3095c9903ea2e05d164040e592fc3555ead5939552019eff0046d28e29504ae17eaab54cca787d26fe1ccb1d16305546aa97236d91befdf8d61fc54fee842e6dd03537ffc6848ef8fd0179932ac8b8b747e347f66c4a347aeecbf4a84eb25d697a7727c8a3c7227375b541fe967ad0fec4194ac90b074c60064ef09dd30935000b479687d69c9cbdce60e0511a4992a49ff2fcaf7d1321f119ced09e85875e08015c09a31e47fcc7b814afd30b7ea808ab71927e4cbbd59b20bbec953e583d9a2214a9dcd3ba3839f4d6402c40c5edc300249fc9246db0c84b93e81b4c80d50746d4b9ca8eb82b1fce05e28aee99aed88cd3fd448e112cf19e3ddd81b90c3f724f4936bc912bc7f86f756a666afde725d2d8cfebc1f62faed879de7afb0e35b0040666e76d1fad93c8edd415c6caf3e27c076621afb3e3f15104755017e83ba04128cfdabc3ebf90e85a7f0b627dc3c5f24bc5e4eb4365da2792bc6fd8005b86434b80d566309afb0bc98032228ca678db5551a43d13bcf0a61dae73a8f487e97eff0fdb663f2ed337b9ab35ad1f3c9990c53ba83feeaf9a7dc255903b5df3944dc6b14be7133b44b58dbcdf512859a221a2bae6b5e8dba877e3e02ca4c66820ad8ff8f39f5cf1f06593adaa6680f25986e49002c5d0ccd2b76288c1f6fa05c95cc5740484a49970edb1860defe5873867fb00c6c662e26093d1a0ba12bd1bbddc103b13f274287c99e91bbcf1a8e177b139e8a2d83a12350e57c0537183687ed279cef7d68036122f7bc3361660de7ce2ea40e7e2e37d87f783c1ce7bbc7990422ac23c9f67941b1b715d4f1c035d154bfa82dee35fa601d71438929f9a5b046bcbdc0497cb907c2a78784f6c1d66365bd6e0d2d6f53f9b31ee47a9927d6e151390922c1cba3aab1d712ab4b3fe3b2270926c919a542804e2fcf999c9cb7d0cced8c5022ccee7ac9be7557068e4054b8795cd1d861b8e2a10aa35fb91be91c419497b6eade86c515dc9d2769775b52c49f85903fadbccf84f562180a39b910da12d6c76af529e9b33a7b3931b899ea5bc4964e127b6a5b33fbe500b854ded9894719e2f1ec32aaa8533a4bc28cab5c72f6e8e87cfc81f4938768e4a052f33039c6b06bc6d0074171b4e7411295f4678a37232e355874871a617871fc6fb6815419ca4dfa01e033b9dda1ea0582a9506744f6f504dbc692248e8f3065b5b759c5e72b723faab481587318a938086b02ddd2ba7adfac77a78e5f8f3735da1cd6a4cb2ce4df27498f87915f41e74965fea2c79b241d000ab9baf82d132acffae8c5b306d28d049e5105f61f85c078d917f5894cdb05592a91f4f58573d70b46a4887087b235e110699e3a0ec587838277d296afda8825ad9026efc4d7b6b1f6f242b49d3bf3329aef4a1fa9bde9fe02521d2ecc5ac654efd0c5d9947eef10f2dec6c6d955c0462fb5b30ec9db123dee01f3b5f585417fa6ba29e6560497290eb635728621de4c1c874ecd620e4db0788b9f83c6ddc8d29d33b7994007b0b3f18a33e1786c797eef826333c1576f55e33d01052537b42928e971d4e84215d73e86116bf5351d47628f31b5495f4bf3cc336d637158f5e1cd0466d4794fc16f90592a7ac237e2e30d9a9f4b93f19d42c1ea0549daaa131600c808c3ad47fcafe36a204feb641a9741bb70d0cc1fd460a04ea76ee0f4078764bcc3487f497f66281fd3b24a9658be60ec387c7a7c35ad6fab62f77eb42288dbc48783b5a8ed5e65d4b0dcb870a52bd05e68399b10179a641dfb697eb6e136b2e91e1ab84559a0cecf40aa7eef26b4cfb98e3b319a0d2f64aa572398b1b67829d1c0566d82f6fc5a2f958a6be063c744bc97c60ebf7cf37cd255ba02c6cf9a1ca17db0e56d4806c1539e754a31d2f1bc516d33d271bf499d4d4fca308ae7e4da237e49337aab4e2e6c841be81724e7d4d03cab20abcec134b07dfa5372329e3bf516999aeab13e2405f91ecf3728fd233fb94e158be5b6d61a904da9f88f576b28fb18bc8f6054c41504cf96d4acf34abaa6a9aeb3caa6ff4aae1644ef40e02a654a000032d48bb966"}, {0x100, 0x3a, 0x18e16690, "6906f18e2d2942cf66ef4cc7b3af56528413778edb5ddc6b186255e7c49df2525c079c4b00d671b0e58b57964cc5df11822ad1023b0cba8087b8df3da078be32b8c4598c8583485145c3af14af09a553d4ed1aded5cd93c7e1c80ccf1cf50679732cc54465f30611586bab5c9dc57173e6be87f3f6f5f96a8967c0276ecf6b4b59de816acf1185c2c2822b02b2c182b1276414281ff1d117998d31472446b89a5022227aa12996cba1fdb793b0b8d4dc776923041b31bf4f2689c378a8e79a2acac388c0fb980ac630dbd8fa55c63fd74109fc09ba22777fd9cf5bbd6f2ce54392c61b29074afdd4dcbb8f"}, {0xe0, 0x7, 0x81, "a72bd6026cc16f91a92bb427e2449380b4c60f0d5069063ae0b951f2173c8a5c5239ee74dd342026032ec04cd6bd7c5687b01a6db26c565b24b520257f5f2a98b2f643931f3c4b005f871fdee7528c76a323dd42a93e7e3f2991e5b715ff36e49893f8566e8c694bc17709536b4d23087eb50a1fd770c1a5466cb45fd590e22705a9d72bac53a782796dc76f391b9988005af6c5557b51be5c9cbff1e75c7f87acdad569fae95ae39fca1b4212c9e5ac8d5b05f1db8739c3c5522dab51afcd2426cbebcbdcf0a43aa9e6"}, {0xa0, 0x113, 0x4, "c6179d0eab6c150fdc2490d42d94a20751a257188f371b7b13b017e203402b31d2a51966af3aba85bfb9aa0b08177eff729986f5b57f118a4aa6b94599de54d326ab7abea735106afefdd5e129ac55677978651ef77019a6b72d405af227e6e2be98dacad4b6f9664c216c939a76f0fb9817b6565c5689acdfe595fd78d395ff9cdc6d27f317d80b47ed"}], 0x1290}, 0x4810) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x0) 00:40:06 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(0x0, 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:06 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:06 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x88002, 0x220) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mount(0x0, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00') sendfile(r1, r2, 0x0, 0x800000080004103) preadv(r1, &(0x7f0000000680)=[{&(0x7f0000000180)=""/169, 0xa9}, {&(0x7f0000000240)=""/199, 0xc7}, {&(0x7f0000000040)=""/84, 0x54}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000000340)=""/12, 0xc}, {&(0x7f0000000440)=""/242, 0xf2}, {&(0x7f0000000540)=""/185, 0xb9}, {&(0x7f0000000600)=""/91, 0x5b}], 0x8, 0x66, 0x6) [ 134.073429][T12002] loop1: detected capacity change from 0 to 264192 [ 134.080906][T12004] loop2: detected capacity change from 0 to 66 00:40:06 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff1, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:06 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000480)) 00:40:06 executing program 0: bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(0xffffffffffffffff) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}}) [ 134.083573][T12004] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 134.092572][ T1040] loop0: p1 p2 p3 p4 [ 134.092677][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 134.092694][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 134.093041][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 134.093234][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:06 executing program 0: bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(0xffffffffffffffff) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}}) [ 134.105337][T12002] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 134.132364][T12004] loop2: detected capacity change from 0 to 66 [ 134.132890][T12004] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 134.196874][T12038] loop2: detected capacity change from 0 to 66 00:40:06 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2287, &(0x7f0000000480)) 00:40:06 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000480)) 00:40:06 executing program 0: bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(0xffffffffffffffff) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}}) [ 134.270600][ T1040] loop0: p1 p2 p3 p4 [ 134.270715][ T1040] loop0: p1 start 1 is beyond EOD, truncated 00:40:06 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 134.270730][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 134.271292][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 134.271570][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:07 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(0x0, 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="1c01000019000100000000000000000002"], 0x11c}], 0x1}, 0x0) sendfile(r2, r1, 0x0, 0x100000002) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_FD(r3, 0x4c00, r2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) [ 134.295431][T12038] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 134.351315][T12038] loop2: detected capacity change from 0 to 66 [ 134.351850][T12038] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 134.437363][ T1040] loop0: p1 p2 p3 p4 [ 134.437410][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 134.437454][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 134.445508][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 134.490996][ T1832] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 134.511101][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:07 executing program 4: setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000000, 0x110, 0xffffffffffffffff, 0x970ef000) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0xf87e3a0df94740ad, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='illinois\x00', 0x9) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)={0x87, 0x16, '\x00', [@enc_lim={0x4, 0x1, 0x2b}, @jumbo={0xc2, 0x4, 0x3}, @calipso={0x7, 0x38, {0x2, 0xc, 0x0, 0x5, [0x3, 0x6, 0x5771, 0xa55b, 0xfffffffffffffffd, 0x0]}}, @calipso={0x7, 0x18, {0x2, 0x4, 0x1, 0x1, [0x36c, 0x7]}}, @calipso={0x7, 0x50, {0x2, 0x12, 0x2, 0x0, [0x9, 0x20, 0x3ff, 0x7, 0x2, 0xfffffffffffff3cd, 0x6, 0xc3, 0x10001]}}, @enc_lim={0x4, 0x1, 0x3}]}, 0xc0) syncfs(r0) pread64(r0, &(0x7f0000000180)=""/87, 0x57, 0x4) r1 = pidfd_getfd(r0, 0xffffffffffffffff, 0x0) fgetxattr(r1, &(0x7f0000000200)=@known='trusted.overlay.origin\x00', &(0x7f0000000240)=""/45, 0x2d) getsockopt$inet6_int(r0, 0x29, 0x18, &(0x7f0000000280), &(0x7f00000002c0)=0x4) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e20, 0x6, @rand_addr=' \x01\x00', 0xad2d}, {0xa, 0x4e24, 0x0, @local, 0x400}, 0xbe80, [0x3, 0x2, 0x0, 0x401, 0x1000, 0xff, 0xfffffff9, 0x3]}, 0x5c) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e21, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffffffd}}, 0x0, 0x0, 0x17, 0x0, "61f01dedc000904b16e3c8d2ead205699d7492224d6cc66c0c30bc57999580d923957ac96db11008bebd5a514da84cdf832a9f7bd20f25a4ed3bda79dd0d32f888c7331692a235dab5913a4eda8be18a"}, 0xd8) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000480), 0x50802, 0x0) shutdown(r2, 0x0) r3 = signalfd4(r2, &(0x7f00000004c0)={[0x5]}, 0x8, 0x800) sendto$inet6(r3, &(0x7f0000000500)="22919097af9856ef4b8f151c98f3423795abec0a7ac4b57cde9363bad402388af59ea3e7e3f8eeef567f47773cc107a240df5a8a569b0abdda2c5f58a0fb39527e7297e692577464f426c00ce8d1bd38ce7c811e2fd275b54af82b3e6b020f0e99ec7b1e272974f7e5a6b766c2deeffa52f85bb00aa375a6ed8ddd7902c9f6b43215b3feee010584738d97f69e5534510bb1fb1d117e7a55ddfd2862bb8ac233f3c95afd98186b4a8680421a7c97b142635ca2bfbad23e25ae9154414e182394145ba0b3c25cacf1825032048598c734c623190174d48accab08bfec3da46d9a64c157dce700dad417cd43f8087ec968a0d3621e71", 0xf5, 0x4c04, &(0x7f0000000600)={0xa, 0x4e21, 0x1, @empty, 0x4}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000640)={0x6c, 0x9, '\x00', [@enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}}, @jumbo={0xc2, 0x4, 0x1}, @jumbo={0xc2, 0x4, 0xd}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @ra={0x5, 0x2, 0x7fff}, @hao={0xc9, 0x10, @local}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}, 0x58) epoll_wait(r1, &(0x7f00000006c0)=[{}, {}, {}], 0x3, 0xf26) r4 = socket$packet(0x11, 0x2, 0x300) sendmmsg$inet(r4, &(0x7f0000001e80)=[{{&(0x7f0000000700)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000001d00)=[{&(0x7f0000000740)="7b489d338b33f944a194a96be361c07893eda8e66e8fcf6b79b97b68efef533d0f55af2ba083559e2a30a9f1b93df2e3addff90209cc76fe1bcecd607c46dc3d17eb69ad26b5beebc4eb3b68cc2a672d61f9877b61fb79bc3cbc6a93f4a3868734566e2fe43da7749eb0725d61cfc6ba072b2d640ca357746a97a6678e8348371ab0dc20dccb", 0x86}, {&(0x7f0000000800)="f74309b256c10dadea6e0fdc3e70e4a6e207be4c3bbe929897f909f6", 0x1c}, {&(0x7f0000000840)="e07fb3f960db5b6f3672402c377ba45b9a76a371c85a1a303652ae99f5303b510da1c7db23ae26ceba9dacb7508523263ecf4cf169d0f87dc32b8d591868d6442e9b660f0c3c4390eff81d645110352edec2c6d4d43fde88821418958ab65ec46bd13183057175cc65d6d3f4ce96f1d47100ec49671db33eeb2ad43a3ee2f3c3923ac6643aac2821ba9073dffe1639a096556e15f4c94b8cd028fd212c7ec45ba5d235903e6b412e36729c73509b5bac78a2653d32c2de9a4214f7767c677fec4ad4b308e829f49238307380ae5e938572c7132de82303ba846228c67d77eeddf4adb223fe3fc6ab93bd6f96f31bf1024671389121d6ebd5694d9e306b8930f235d9e68c57147085b5b1996ede8027d972a06cf19ece75bf318e4f272d1250bb28de6facf092c3ba0398711f9b5da3e5b5932a7e215e4ceb98dc3f11ae571ed4347355559969c65b9b1790ae39a7bd756d5b9c53e3c4ae301f7bbcfc59df9dd4655f2394dadc35acfd6f66afd8c40202028f087308f43926d54504fc1b4e9816e92d51854cc24f4e3494aae62237817a0d0953c07035f13533a41dcf984e6198ac9627766886adbcbd81bac6909a694d16eb169e63caf1bd77d3a528a74ae0fc40220e489ff23a7288eafb66054bd3f9a5c63ca2f73b6603e7e85c140404fcbdb61cb8cd6ada07b1997d653293f37609acc20d2e69da7cdd97fd6a964cb206b6ee82d904bc89034ccff0c9ff2ce5466caf9f6cdb2fdd9ba5db24e17eab86f5c68ae4fdcec165887deb5ff25bcb8486ba52cf45fd3038c9dd6ae0b94debef13c0dcf99dddd4e26bf9d506ec1b501e3bc5b73b31a19158fb5ff39521860967119df52155fc2f3e33e5a35fa7f378fd3a374b08d1eceff50c6bfeac085bdf131510a4ca6b2b222fc2f4c482fd54813f75d6e6361eba56453f1279c2eec34ff97caf1573195ffdb3c5e02e51096fe0ce7d405a736bfcb5460f30d1d516447cef5fd41f476e1b0fd99657934ac874be991e51fd2d6b76665331259d5c253948f90f65336c2a764f205d20945ac75a2b3da493132431ac96b667d7d9979f91b0574f1cdce2524b99ab09b24f3471ba32a75f7f5953bf0cc79b234661c7674566abd1904162a75504246fd4d54fa48fdd3e0b678e9e11e5f1c4200ddf13256fd3b9627a6705f2433cf6e45d9ada77ad69ddf15931158bbeb4bfb8d447743757a58010709e9dc888b601ddb0108c03ff073141833d6113f4cba4fe6573f287d406c8b96316bbb5c17eb2af10046fcca3b983f9cba3cf488c896f1a5ad10393abac9f14a94a3b8bb8231da0da290970276a0c6ee90bb1c7fc24abe4e55bea4d624e7da3e3a07e0846d8ebf30d9f3884ef087ff1626327bb770f49006c9d9846e4c257af087e4fb3b738b5a165ba48424871c9731d6e872c9aac405690c5b22a60a98cd5512a3a9b993344732559935d2f2c1aa56508f280b6168b698086f45c180512a49fa1689b5ffe010dac315c2d6c9139a577567d059f906b2857bd3164a893dafbc183466b7cc0f875ba8b4446b8634ac30f3c74335c1db9d37c5a0571c35f6f93dfdb0b1a4748b70b88c51173633cebecbf100b79f86651a7b9d5f20bae85fcf7cc683b30d4595322e9c4664e53598c830b325bb8e5fa48901af0bdbdb792cc43d6c440ad1c6ff468f061bd1fe3cae865cbe57bdd1c111f7c94704b90798e7baa640b61aef63b5791874503dec56088b5eeec716bf83be557f2baa89364031e8f962cce52dda6d13ec5ee9becc823382d953e9d0a09fd77c71a27a90b9242ed79899187e7294e722184e1ce210a2e26cd30c4963650e0437544fa70d8da1f8befc4ad770e9090ade2fdca4f681bb12364a1cd0cde01b23027ab0857967566a19ed9e381f455bfee8bbcb1858c8fe5386e0ee6b5f3023327d04f512ad6f710b2679ff18fc0cd08266c23b0cbbfa36abeefec329b17e1e36cfe6c4f2c56da0f0e7c2e22b7607d1cd6267c087981e8ed9164856a7a2021997a6101fdead5220cbc07ea10259ef5dbdfa62bf4686a2695842674ec50ff61dc27c9b0649914c463da590368ae04931eeed08d21734a97aad0ffe8c61f55799b3abc047acdd8e48e19ebcba9a133e9aaebf55b61864b4de7fde93365755bdb4dc12c0fc88147996837e277d0ca562e269d52f12398d0759fb1d7843a58840bd532577d6f2f317088d10a6dafcddd0f3cd450157c7f5fe15a11ed52eb68ee1dda9019809511332b72602ce3f180c416b75395e2f34b9f073fd9be0d61101ca096157e516fdce5351cbb899849814f2747a64c29e3af5a0211b5176f927246d75871a7f3170de4c5b60e5e9054cefa16e3f1182fc97c99e814b586d3ab2756f1e8442de4ae6c2215c3e852e7ccd5f6e01a0f34ec4644a3386dcfcc445f4482bcafaf5b0130652bca962863027f06974719e8af8fc1d8fd51b0509a690ee2a66be5c5a8a57f2c22d093a29c6723f6f3afcdbd24816ac920327111251e2762862d323b05e6191f3ede192bd3ad741292cad0b5b18ecce8641181cd02c7f3ade7674da231c23cb3125ff14915e3e5e94fc06366ba9d814ef592f93dc0f6de1ac519f493c60bbd10e362ffeaa71a213e4695ef1855071b82d95663a0f56b80fb8ac18e7f6dbd8bfedde1f4b8624f95483a6a12b79a602091e6145ce9eb4e2f80d22f6abcea4799bb89798d0079c5e6a003d6843b6e7142802896e81bb02b9d33d0ad460b9c20865ff2ff8ab38f6a54a07c16df7401df693bfb074d31f7399dbfd72908ea5f85161c3bb3ebd46fbdd320118ae31bd20ccdf00996898615969e97e87bb41754ffbc18b30d602c7ebc206f60c2410b42b01e00150f61f82806e144178d292ebf226b40eb2cef78fc3643c558620cd866f94f8446d36340a0c0fd74746ef29a661528e1adc8ecdad06b75f84005561d305236874bbd2ff132db023a63eafb206b346a5a3283abe4096a9711047004eaef2891085dcb5fe81d0d8f7d1a93571c271e89621b428e4518c635d729b05fe07091555c747d92cc3d9da81a540f9c6a35099051016fe666569a1b0c8f0e04bbd167c6f89de38b7b53652ed5bddd669ebb048375ac9bf615fea2ac62498700dced8f6c266732d948c0f07b7041122c5ec571bb4e7018c2d6c941baece71fcf54144234711f4c680343013019f769fc8a0eea1ab1b5c0a5e7166a6599adcb6ccc461e7b5501c7c2e7002ae3776048076ef0f11d4016d8f8b4e0f4dcd824329d5d1b06660e7959fcbbbc5b7ac582071168da975f7a4eddfbc6421fc695bb8d56a22927ee25335d198643df4e1b6325cbfec2af7f5958df5fcb5856d1f5ea30a81fa1d5fe8a8ca394d10330cd1d3f36ab09d10847cfe777f6339691202247ea4908aaf307ee739c0f910d0b731d3e765391a3ad4568bb65c7a8af2287f7dab7755607b65785e3faada65c35b5e12584a2cac68e78aa5b9ccd329674a3746badf6bca6d6865dcc103bec807f9d3623d7066d99798e4a085ceb3b985639b5da53cac6bfe502a263cd01ae24f9c18d1c51dbba9cadfebeeaad4ce2c829a233ef7ca46bfc516a43479edb5613b49d3546f3d608eccc7e6e558b7b515254ca608d40bd084e592c19486309f0ee7db4b4022c1dfce33223a1c1642d6b798f7c8c506622e375a7876910d763115de0b6af1070a4aba1e540a132948a9743644faedea4310eafe1b09469b9d787d23a9ae883135f67410d16e9b77b1c900746f625804c0f1203208c8ea34ab896f3930594903a85af1ed3d5b4b75f76e0fd8304b423959484e4d9349025ea56f983b15deae1d5d7e08b72108a088fdfb611f447b951296e91f25797d675bb84eb4026f2bd08c2c91ddb3039a29f5b5653b3b656c6e783b877ffefd502c79b2828d940708dc477beffd04f370411493358494005509c200dad2263a69ba276289f48f6fe6011561b606f7fc617de3eb3daf8c016e6bd46cfc49859f3e5a02ed43c42cdc40c73b99e837909a89c310b39d331a9699bd3d281313e17a342ee2a67706da9a973f54cf031cd8f583d29b6bf7a7bc27a647a7d3cebca1d3b4169f57b8ac227dbaff7e51321ffcd22c66c626eb77cae12be1b20707b6ea81b8f42b437d8ec820c792c91b4e9a9629bdb6b9f11fab6ba29c122e7ddafd70cf80811d0e6bac04b9f67d9ee94573363328c6f84b6af4f54a7471b89f579b689fd9d2e9c60e2e7de1186f0fd3240993a277f4e6cef1a7d61483aa852ca7411e21eac3eafec635f26d3953d3b145b24445791678e43d74a60384b443acec6b627d41bffbef0908dfe222ad53eead33b9a0d023770a9bf14ec6b6a0d0713c237f6dc92271a2b335995f63abec4b4693e26a3fb418b6a6d927b839f5f3d805d697cac0b6a33b95eccf33685edae8c1edf3dd68eef3a0d2f9a0fdd99f09ab7ed8238d2a0db050cd32e18f7c057518629b8488c91cde447cdde8d8768f0b4ee627a2be66a2a76525c34306214eb381c53ad914addf37020b068680e5cdf4f742a9031ccacb2ceb06edb6d6a3a31c7937e9518ae2a9c9c67291e0ff97d0c0bfd4338e4f79b46470c89e9ea3d2a5b7bf13786cc73b5194a2d6829de0492d2ff10366026c8cac90602e3ae83f6d9742d02e947e696d50cb58feae763dbf62ad1bff83459d57d7bbe87c688a84a19211c1b5a38c7b2dcabdf750284d5b7745443d0dd2bd37083bebc5be9e506aa742cd625eff270987ced7e6ddee9b05cdebd763bb35913286a966ab443ae030847171e3d50ada181bd559d8b029fd244d2a5fa5baf8185d8780418da5526996fefef0cfb276c4950b1df8fdf049345ffb50627151e82ab2e2dbfa120899ba399fa228f38676c23c81875644984059dcc35e76d695b6b50d438085be18d5a11dc03a9d08142b9e96ef56272492b3156d1e4b76eb25d9cd059171f18262a50f9bff063202cfc115aab64fdb5fe8837fca8584acbf660e0a15bb66950231aea3557312387e8ba98fc013369db01b99ed84518c051dddaf63fefa8a5f26f4f3586cbb4e5be28f35c67e64502326ed71a30f066a31695d2e43665e1790cc25ce0965ba77287846a175352beefadd7d84a2e4152c6f74b37d2101cd72bdae1cd04bd459919d1d260f8b1a490f8d941ffa3e64e4d82e6e4f47881bc807c452d1901c1fd19118fce97498f8810e8add8ef4291037df703ce321e49dc77cb0ac2389a8a7fbe79bb91534525a670b92a0fb3051e43f937a2eda2e3182e324b2fc216773c22bae4748b489842dec373158a7c9d38aacd9e61bd047b8c8a4afa6e457844291629353d976aa5296127fc66e605b7d862afa55182a728f8c5d5db501232b99a109490671fa3f12a7f4f2789008b82f892368198b179ec65a8b402194add26081277df53d072f2a46a8b440d1c8e5e2f04d7c0e20261d754022d8c0ebb57c1585a4be1954e1b9e57eb7e2ba774eb3ae5282ea782bde490df1d1bc4f290865c4007b580c9e0921e69e6298cbac4c930e0b4706bd9ca06bacd2e204f80a0caa7ee006f699e401dbb2b5d6860f147b2eeb835515de26cfa6aba1246cd4497bdf6ec062f541cf2c0a2b6c6caf539e8ace8f6683d35b46eeb676d903dda6d6dbdb60e665b1775f39a4364d683d0d73162e9bb0fc8b440230cce71bae3dc4d6bb1150d279ad99a882a4dcb3e69d9d973d9bd44de1d504b5c1915d45621c91cf081a951d2843edeb9eecaf0103b3925d418d086d0f801f9c38bf4c56287aa08175a9c5efc3b0702db6b635b5a0a264b457b33f7", 0x1000}, {&(0x7f0000001840)="92b16d424cbc8aa36b386d871e2067f8eddf13bb82b800e28a97f3536ab0a516d8f52ebdfa0e54ce4ec15f2192164bb5903d56e1921287f7c6ac2f5ea159c8075da3d6d20d118c1cfc0afa4ffb94992e93cc266ea0123053bd58bbfb9754a486fe702453200cd774224e28484960a7d9e14d834dbd7902f3a41de1eb373ecc279f53c5d1bf8ef1a4d706ed6a2e8f820f0715669c0cfe89171c6c10a4045be841fb696c1b00e552c9fef03223e6d5215783d86d9b5681a390b43dad43198a1e9ea7cca774294309739c120d633d0257d8e29fa13fbc440f4bd8d0f5a0ed4a0a272c809c06f9", 0xe5}, {&(0x7f0000001940)="fc3b4c54f240b46c8c425bcdd389d59c3584b592472c9b9dc50756f7eda555796cc48aa4492022077cfc5696a473b8f18970ef45e9cdc6b97a94070b81589450f5bd518e64ff400d367ce7593c4a35deced94357b4c997e4670a29bb894615a141a3d2377018391cd7cf", 0x6a}, {&(0x7f00000019c0)="995699388b692953d3557c30f4a37a70ce9e3f0f151a1355e3363ad41a0f7c3e9e377ee90d890d7078082a96c6de636bd93ef5842a7922f3edbf960732", 0x3d}, {&(0x7f0000001a00)="e81bac68a037cd1e9efa5bd90ecf34cb2d4e0ab7e714ffa474c487821824977968454410b0dfeb59383203c47d4227ae9c4ee7277233994949de3b91686e5e3af439435b49fb03cc7a380c47cd060fcff91f7db9968603064861801ac6c301dd7df4349c5e240864baf5f58f9910cd88b6662308e69ac2bae2053526ef552135567f2fec4681ce8366716e6396122aecc63dd5e10b1a40186e0ca472685ff81cbc91b9250d8dd75e5c003ad0c170adbbc4f43df52976a2", 0xb7}, {&(0x7f0000001ac0)="9abfd26d8416946d60e7bcd6ca243afecbcd4412e237c83dc1d1a6128749bbcb425c44b0263371b129d7036885c3fbfa0e2f03d70a8a936d8640482f1b23bc2d9867eda77075f2d004a1b4881a7bbbf41d39de057f40430518b762f03262b8cc8e27007c7046fc800b6272e2ac5348fac3f7a76b45a351dd679239f9294c0111135048cbffa0b090f305095e6bd816707d8e563a2eec2c98104949b329934f893f22ae69130d58103be9ca3a8b5fef8a5de987e2c3e72f46f225cf820bdd851279cdfc35664e2b471b60b629b34cd980", 0xd0}, {&(0x7f0000001bc0)="647f643fca1b41faaabfd1da3f530d05d5ce6ffc1215a5d7ab078b239538240f6f591c78268ef47161801813c88d7c2c8f4437916029c2abbcbeceef8d95a115c95a2a6b0dda2471611feb47427ac724dab756efb9c732c1ecfc550f7546d6634f317ec7c1a6e62891cd840409308a175c1454c0713b6083a0e3e4bba094a290a830b78a9311a773ebf933b4d7ccedcf59421896dd3ea3208c4406b735fd83cb7aed3ee53b90207d86388f8983cfde0623aae4dbd0c6751b466aa1542ba7da2eab36d9dea5151d7e2c515898ac", 0xcd}, {&(0x7f0000001cc0)}], 0xa, &(0x7f0000001dc0)=[@ip_retopts={{0x9c, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x14, [@empty]}, @ra={0x94, 0x4}, @rr={0x7, 0xf, 0xd6, [@broadcast, @local, @remote]}, @generic={0x83, 0x7, "431088d7f6"}, @generic={0x88, 0x8, "935073fc2b14"}, @lsrr={0x83, 0x3, 0xd9}, @timestamp_addr={0x44, 0x24, 0xf, 0x1, 0xa, [{@loopback, 0x2}, {@broadcast, 0x7fffffff}, {@empty, 0x30a}, {@rand_addr=0x64010100, 0xff}]}, @timestamp_prespec={0x44, 0x2c, 0x81, 0x3, 0x5, [{@loopback, 0x1}, {@multicast1, 0x5}, {@private=0xa010100, 0x1}, {@remote, 0x8}, {@multicast1, 0x200}]}, @rr={0x7, 0xf, 0x9d, [@private=0xa010102, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x30}]}]}}}, @ip_tos_u8={{0x11}}], 0xb8}}], 0x1, 0x4009050) 00:40:07 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2288, &(0x7f0000000480)) 00:40:07 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 134.548237][T12090] loop1: detected capacity change from 0 to 264192 [ 134.580369][T12085] netlink: 264 bytes leftover after parsing attributes in process `syz-executor.3'. 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:07 executing program 4: r0 = open(&(0x7f0000000080)='./bus\x00', 0x145042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1c1042, 0x0) capset(&(0x7f0000000140)={0x20080522}, &(0x7f0000000180)={0x8, 0x1, 0x4, 0x76, 0xeec1, 0x7}) pwrite64(r1, &(0x7f0000000000)='+', 0x1, 0x4010000bffd) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) [ 134.594766][T12090] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 134.602061][T12101] loop2: detected capacity change from 0 to 66 [ 134.626871][ T1040] loop0: p1 p2 p3 p4 00:40:07 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x2289, &(0x7f0000000480)) [ 134.650628][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 134.656652][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 134.673935][T12101] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 134.693895][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 134.705561][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:07 executing program 4: r0 = memfd_create(&(0x7f0000000400)='\v\xa4J\fIJ\"!w\xe5\n\xfaU\xa9\r\x8b\xf7&d\xa0\xe3\x9dh$X\x14se\x1c\xf0\xdb(\x96}\x9e\x1d>2\xa7\xdf\xa0\xb1\xf28\xd12b\x1d!\xa4\x0f\x9b\xda\xd8)\x98\xfb\xc1\xf3X\xcf\xdf\xa9d(\x9b\xd6+\xd7-\x8a\xe5\x15T1\xc8[Er\x1dF(3\xedfpe7\xa8\xca:\xb1\x97\x94E\xab\xda\x10XvF#\xae\xc7]vO|\x819\xd2x`\x00\x00\x00\rad\xab\xe8j\xb8-\x00\x00\x00\x00\x00', 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) write$binfmt_misc(r0, &(0x7f0000000100)={'syz1', "06909c2d07dc5424d920c110c49393901879ebfe28896da9a268509f17cb0baecd6f196791c6c3490a358a2721fdd9ca6395e6b63aa1da498d37e2acf87c1d02d2926e24574b4d87d6555bf3484243b8141f3a10ba5021812680e9759b3f7cc5ddf4cb6511bfc5b0c3abe6a8bec390a969737e548d28009bd9f61e8f78e4149e755915f31903f212ba06813ffca93972c0122195"}, 0x98) writev(r0, &(0x7f0000000500)=[{&(0x7f00000001c0)="bb", 0x1}], 0x1) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000200)="2d13368a655ad4c3feaf02cde4b694d9becbad4e471fbf2ebb5e42e473bc94ae144c6ac91a7386a2863742b8d055b5d4f246807574fb6079e919ec7b73329fbb952f27a3e7352d05fdf28a0837fda7dd3bfd2015cb08fe03b47359d4fa7d47213fb94526273b2c3228f46d5022931f4e425b344912ab1b261802fbd1277028214f853c", 0x83}, {&(0x7f0000001040)="25c0c95be60d2866be00f500869b0f03fc4f3be340bf0c8fab12336740ae6f52ec1aad0f4f54302b346b2531f259145ac5cdeed3e51dba63cd2ea1e05320a83088cfce3bc951945ffda19c799260fdc0c4a4e72770dacdbfcddabe175b8cc8288282ace8012ad1acaa505635318afa974f4be20c4d64f685578de6e6bd20b8f60321bd0ad056833063ffe82c0a6eef4409ff44fc51226b6b49c3213e32123c01fc79098523594ae1417397782078370fb1c875e89438db0147838b6239040aae966cafdbc62e02c5784941e7d76cb1c9ad7dc49a008e08faf637715e0a5d69c15495201dde113c4a79956320e6df7b91443e72023afd6b0064976046f0657fcc9b40ed414fc43dd802bae1915a2fd2e01ae72136686f8654df81a7df65d717c03c4697bf3c30c4eb414531fb9eb27a8ac30b1a7ccebbd3f6cee3425403529c43fe98ba40be15d34573c4f24ac554f98fffd000f6f75ad375fef5f80890700bdc8dbc55945bb38cc531fbe97ce38bc99297caa35e16e0a5d230ee737cc74f0aecb60fa4a2af14e14ecf32133afd05183f1b899f8cef47943378ab08848dab86a1b250e9d6a8fac31a36452b436a92793042f5e655fe092b55b0cbbe6f52150b5b3bccdd9853a4b549755df46e6042ee13fd566e0d7066d8a148a55d77723cc6868cac2dc668e5459dd4b5031ead527d28ef0ff3630252ced0f98ee2cdea01530234cb76b5ba0a5221d457dde0bb6461df468459d9bdc2f6dd9398e908344165ffe518d9ac3fa06c2e321a7fc7f431e015c3f0baf09437ae0b0c80ff7622c5eea7bcec0087cdf04ff244103f779d15feb769179ab511e586fc66c2492e437bd01f4fc82be7031fc09175f4f67fa3a074072bc89f9554674338d864622a2b53ddb6ad45d9f2b2460bda3e562066d6dcaad0baa5e38abf6a78af7c7112665ba636a10feac468dd83a692d415249ae58b6c4a45997759b175ba90f5f45d87cf33bbfcb3eedee880d0b6d6a50600effa4dad5aa61ed82afd4a2a0cd75b44b18e1939f234bb613f63f3963ca031d168e66280cf85d0a87ee9d3518e61f5f33531ea537aa2f99516bd4c340f4390060345211005caaab40bee950c9aa45fb916e5c613f84cf5602007bf886e27d480c075e60a137da9b2da3b489a6366a37989245ef234aae40e9802d18128a16fa1e5569d5733e52fee3a8439f0b389a5572fdd1ce29af85758ea7a4fbd89b64854a35e165bea0771fe94568a749f121cd35b56bb60b14ec388dcc61853847e096000dda5dda1c2c7c1a7ae853cd9bd81aa23b8731fa86874e5a19f93b0eb736ebbd7ba543535710fe0bbc2b0f9a587cc1db40bf168f9069a2ed30c3e3aec8cdf71411299c552c6564cf4c825a3e6c51983c83e0539636a4bc0883fde98fa3fea9642b7a659557bd3475087f8270fe7a9b65f146c03331f6fa75079acee87d48c395dc8ab1a9570884f9320e8a2e4da02ff5919507c4cd1a74207afa3df82f899cd1a59d4d9114fba03d186e061d013854cf3fc3c6c96bfaa701bbf80e56f1869c226dba287e2439d4710ead1a17ab6843d8be7a99f8cff5ce5a845d75bc50a668613943efc281f523016ad702c5121a05189e4c3154103e11e3e35c3b8a6b991e4c88d36d124a208b41d13742460057d7f82c6cc4c9a8dc24f8f98fd7781eafcf84738b72b89bf032af686269016aebd9dff538b7485fd9df6e4db83426e997d4bc1547ff993c2a630823b4f761250ee0a9d94f05073989f49fe3bd300e13ce57f5aa4e8d5f4084dd580f3b88e156b5151f1e8ed47683f3f3c25d42e8afb250b439ceb81b748cc97c858c5343de37c3214099083a7cd834e70cf63d6bf48ebdbf1f9a6c6ab236baad23f52dab0b6dd3c4b5c3492c70dccb0f967c51d1c0202e5ed32557d0cf267682959ee110f46640c9ff3102e1c29dcd8b4045d1ee1e50bbd8782adf8af6a36b367d33e5271ff24c47d6bd9a837481e7f7238d635df5325a261c66fefd693ebb6bb5986d0261e4a331a0927806b7c08b0a1b6ee959cc6d0a663d61f1d0032c97cfdd4c888b10126412cd5641a5123e118eda44544b0475f0361fb15ae757bf6fc314d6e5022548b6dd9a27cb53147564b83f69b8ed4f41bb1efe7427292123b5947f78477acbd63e70838cdc4913e69edef7513a3a4028427290b461e23b97820fbffd6cdd312c842c04e8d537abee3fa6ad5970020c9c3ed7326a256d66e23d04238f507bd84616fa330fee02a166e2c33121eebd4efa1747f03038de742e113018060ec2d03abb845029f58b02b610eb8a206dd98e3d39e69689f2bc48cb22c6cd5ecff03bbe70a16a1d32945801278bb16771ed46a99f2ded640b2b987032150f9183705f3d872955e03dc85953d5bd17bda6c3f3f880c59f6abae62ae1950c18c88900f524a0d324b7fbfa9ff8eae2443ab234dbb68ac54c11460437076112f9a157295d2e7b08c46be2bf0785c143a671027f7dce66f3666d94edad34f0a69966bc0efd9729b33b5b48f0c1fd48ae9dff5fcf996ba5b2f41f0f84d514294e4759ba4ba53c021277d96baa321566f05d782183c6d90140415ce87e73d65147da5250e1271b8cd8a0817f2c96e0d6ccf7e0cf5e9fa69e1c94719d4d5326343ac27cbac004041f26668f14bf527821e39d5afebe7520fef54308356a17dc32a677ed744c11416e7a7faeb46f848da23fcd0acab48ef97d904bd677e4db02be4b80ef127d4b2a7e54e126907c08637fc891516353a08d8c6a4eadb0fcfecfd66b5c08ce9b2a44c28006a24c7d83f87ce541fab69761a0fd290e0432f2ae0b3f58263951d23727fe5182d694ca961f0e84a05cff4c5bb744977fc3595bedb2f186dc1373746411001785ee744cae383f0c1572b0787bf80d57153d3b4c2d59cd15eb167a6fd1fd8e731935c411c2e6a2f382aba4ceb1a56211c3c2b0c369a1d88bc7328a56dc8db6ab781cbffce3e89e80a1934f9022e22a7b5cd7aa90405c8546453f5b8b34ce17219960caa133e2052b8c0cb6faf84676bfeac8614046d487e1d0fa382fdb095d03de283fe1584782effff7ff80d8402890e4a51c2b41c181d5cf1d76930a95e3a09039d9194bbdc5ef7d6f9c517752726e851a0504aa199397de9014339e6c11dc843428c3b31fbb609bc9d24cd8542b5909f95e9548b6bf3a4411fae245e252673630a89af3c586f0cf9816a87bd645ebc58df23d3ac8341e1633dd5e79d2d09a77ad8bb2afb370093482d7677cf4d69f7240c4af3e333457c49e83b5ad2cdb320f1137db45084c1150ad5b56265cc2ca846f49fb2924099ca4e9c4f1ed3cae268db671c8593ae58efcd9b1f82543812d090cfa5d21e48f27f75d923d375c9555d695d86c9d98fb1345a4fef4f6ea710b4098f5afc55d205c8546485c36fa58ee895672a355bdc4d569f27e0f08dc599e50c696b3b7b98f5d4240d9169c6528d92253c1b30c289e79b68e7c0649a8a278223d772c4f8ff8985c283fa0558688d8ed99d9578ccc0d20f2cd5e99649d5154e4b9ae309fe5b6335e1005f39e36de9b07be58e312fae67c350ed679ebc372ae3dbe1573adb21117dfd20561d2ea2b37125609fa90ba90c56f89877dec063d1f38389a7a82862edc12031df1ac3f74ed41cebe5897ab2876527b35e5669a45d9364203d5d68460624ab27f927e24be45a12929d01a27b8b9f9a42620a921c42de9d7026f8b4ab1c192604e1609255b170b8d59988560f0a4aaa7d60e3544a3ba9301e1f5c65abed639b004c0e2755d9a4104bac8866840b2f82a04f9f1990c2cb14a19dc453e399c17e4494a9ccf77c1bb00c38a9c563a30f081e10c08c6d075a0cce4120f917ed3b91219a0c460ca4be8fceeab1e44bb8495032327e6dc4663914eea103c04bdde2b3afd29a2c1913f8d14ab068812c5a62b4d90ee33b6d7b34023e9aaa4a4c0b599ab91d11fcf7412d816c7613163a18e777c337cc45558b051175aa41434427f6583cd25d9fdd2c15360fc4d9a3df6ca95e45fe655c7987ed6a064070f46d56c884d6d7bc7c9018c09dedd079b6d753ffa615afb68b40073d3936664a84e35deedc702aff389bc3bcb7589b222fb53f64469c7cb0aefc4dd57c02c87dbb9c8c5432e6d732b0076a2cbcaed370e026c0f8395162b2db53fe1f98b0fd3ec9004f59ccd2be236afcf89d3330273072abd3665c9dc6e9e1dec80dea56de57f2b7e319e82cf1858ae1cb71b893971bafab4b478a807009b457c1ae4ee9ca4083e9140caed6f5a124fbacfba03e24fce00da17c0993a0605fc6ff1f623c862b0177007e6f4643d436c9ffa0711d6f5d3332e773405a1eb79b247a6405f4316f13a0bfdb6a71c89034d2e365a2a7ee7701165353cb42d31b33b52b78b01a19c33407144eaabe7ee2d2462903d3f8376f1f5c30a7b6eb7494f4a674f4a2f527ab9ac7555120fc33de593fb22c9dd9df71f3903a5687534eea630a8f46455f00c3841c765f9626b63fa8fcd06ac1628b43304301b407913c41d70d9bcf4df90b3bb6e74a6b1f327844febfae11b236b2a0ba559fea9b2edd513facda960e5928dcdb8fc4fa6b3efe593e924e81e283df3566fc018d96490f45cfc58bfc8fd7effcc69d0fe748d78f975e8dfbd2f9fa7231c58e1996adfd760f32e7c7c19d3e0377e079ce1fc19e3d6c58dbe1b02b9be54b8ea486099c7f07cf423d240c6fb33e6874216d7994db6764c440e30932f0a515bacbe9100d9cf035549a0cf85343aaaec2dff806039edcff3546aefdc260839aef8e69c927b8a2ba4f4e7a2c416da281bb2ab5cb60d3fd718b35d4f56119093ee5b3afcc1458c97933e544c4a2481b22b51a86939259b1eec88f20c5560a38a4a2f1c6d5a5958c13b82fea3b7001d280b0860c858adf4eb8d1f0ce39bc1d72c2130ae7f181cee9048505fde7471880368418437b5ac62e15ec036992eea97b58911bf40b96e7efac558c68cb83ab009bd1f25134746d7cc04d3af247aa6247d02386954838aa8a6aeb5dac9483f7393b3114e8e6696c20e10b2a84faf1c46e7622b4e02abd88871e4a21e8cb060af2d80271bd6f358e0591b10daedc9f06ceee14c069f8f905e41bbb86ef31f2fc3029ffced797e7033e14310195ad3777408bbb645b019aa4fe3bc53466103a488b8412f00dd9106b8dd8834feeeb49b0cbd6b4a39ef6267f8b99960599d9ea92881cdea58e193edde9fd4b164ae66b90bf1d39096e51d56575e4a3f308d0e06fcd6cabb73f709324775e5ae232bd33a870f2dde12dc271ff73425f45e4702ee4c90d8a695b08eeb4ad434337319bc1268973c7bf6ecbcfa9b092207c4aaef1ef6d0075087b8a314d2697a926f7292d0eee30ded2a658c6b1af54cee8093f40b69efdb76df1b57bb1ef882a996e5eca3598f390d1fe831546bd608de6c093541aa14a05e6ae4c69bbe1c6b199a2cb4fe53f58d404ff54b945d4d4563c093eb38f03948c23a7b1cf899d43a8b658e82b642ef5b8196585955e1270fbf9c232ec3aef21058a841da0d7105717a6e591ab", 0xf5c}], 0x2) symlink(&(0x7f0000001000)='./bus\x00', &(0x7f00000000c0)='./bus\x00') 00:40:07 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x4b47, &(0x7f0000000480)) [ 134.751550][T12101] loop2: detected capacity change from 0 to 66 [ 134.764968][T12101] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 134.840684][ T1040] loop0: p1 p2 p3 p4 [ 134.856256][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 134.862299][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 134.871937][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 134.881500][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:07 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(0x0, 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:07 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:07 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x0, 0xd9f, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000100)=[{&(0x7f0000000240)="0201a6ffffff0a000000ff45ac0080ffffff0f00e931190000000000000680ffffffbf0000000900000087771f72003007000f00000000000000008000ca55aa", 0x40, 0x1c0}]) 00:40:07 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x4b49, &(0x7f0000000480)) 00:40:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="1c01000019000100000000000000000002"], 0x11c}], 0x1}, 0x0) sendfile(r2, r1, 0x0, 0x100000002) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_FD(r3, 0x4c00, r2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) [ 134.916052][ T1040] loop0: p1 p2 p3 p4 [ 134.925105][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 134.931134][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 134.939785][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 134.955300][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:07 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x5382, &(0x7f0000000480)) [ 134.967721][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 134.975286][T12159] loop4: detected capacity change from 0 to 1 [ 134.982109][T12163] loop2: detected capacity change from 0 to 66 [ 134.998788][T12163] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:07 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x5385, &(0x7f0000000480)) 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, 0x0, 0x0) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 135.029951][T12159] loop4: p1 p2 < > p3 p4 < p5 p6 > [ 135.035282][T12159] loop4: partition table partially beyond EOD, truncated [ 135.048983][T12179] loop1: detected capacity change from 0 to 264192 [ 135.060866][T12163] loop2: detected capacity change from 0 to 66 [ 135.069470][T12159] loop4: p1 start 10 is beyond EOD, truncated [ 135.075601][T12159] loop4: p2 start 25 is beyond EOD, truncated [ 135.078233][T12163] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 135.081697][T12159] loop4: p3 start 9 is beyond EOD, truncated [ 135.096901][T12159] loop4: p4 size 2 extends beyond EOD, truncated [ 135.107770][T12164] netlink: 264 bytes leftover after parsing attributes in process `syz-executor.3'. 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, 0x0, 0x0) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:07 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x5386, &(0x7f0000000480)) [ 135.122166][T12179] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 135.132948][T12159] loop4: p5 start 10 is beyond EOD, truncated [ 135.139135][T12159] loop4: p6 start 9 is beyond EOD, truncated [ 135.148806][ T1040] loop4: p1 p2 < > p3 p4 < p5 p6 > [ 135.154068][ T1040] loop4: partition table partially beyond EOD, truncated [ 135.176738][ T1040] loop4: p1 start 10 is beyond EOD, truncated [ 135.182891][ T1040] loop4: p2 start 25 is beyond EOD, truncated [ 135.188983][ T1040] loop4: p3 start 9 is beyond EOD, truncated [ 135.194986][ T1040] loop4: p4 size 2 extends beyond EOD, truncated [ 135.209601][ T1040] loop4: p5 start 10 is beyond EOD, truncated [ 135.215795][ T1040] loop4: p6 start 9 is beyond EOD, truncated [ 135.288450][ T1040] loop0: p1 p2 p3 p4 [ 135.298921][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 135.304987][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 135.313471][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 135.327288][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:07 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, 0x0, 0x0) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:07 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:07 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(0x0, 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:07 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x541b, &(0x7f0000000480)) 00:40:07 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000087000/0x1000)=nil, 0x1000, 0x1000008, 0x2a932, r0, 0x17172000) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="b8000000190001000000000000000000fe8000a2000000000000000000000000000000000000000000000000000000000753dbf4a1ef7df60a00808000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/112], 0xb8}}, 0x0) [ 135.353083][ T1040] loop0: p1 p2 p3 p4 [ 135.357389][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 135.363437][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 135.371542][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 135.393519][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:07 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:08 executing program 3: recvmsg(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001280)=""/123, 0x7b}], 0x1}, 0x0) bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000100)) bind(0xffffffffffffffff, &(0x7f0000001200)=@pptp={0x18, 0x2, {0x2, @private=0xa010100}}, 0x80) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000140)={0x0, 0x1, 0x6, @remote}, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x20000000) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000200)={{}, 0x0, 0x0, @unused, @name="4bc3c75e48c04b6c064b8c0da38bf881c3aa22783006240c7405859fceb82df26a346f0e83f55c6630f3c58c661a0122192aafeb655669a8353e318592695939fa0a0d8732aff0a2c2f8aea134c3f0e0772a8e438f873a02ef08aa01addcb863b976f4122aa053091feae7b6a454122105929600ba634a3776095746ee5209de920b7efaf14b01227146f9d9d7bd5b9de801a544f10051af6e10246a3ce049a77e322a32a343fdcd753ba4695c0663dee19b8757f1925a0b73e31a9353240ac88fe322503176294055dcfd025cc8c515d25a02283fd7b504dc05fa82d51b89fe0ad29f5984cb9e2da0f8dbb70b3c8e29e74b1ed2a53def65e5c4985c6c0eef30e921224b4b4ed48d9d4d61849a8af3f74270b4bef05c393a92f406c5aa5eb86dec5e931623ef63991a59765af782f6c60a02e5d21c11551e009bbe3845b1da395057f33924fdae28ba771f2036f1a1cf0bf1de795102767d17f5c098df076415d535670b7270a6bf4786e4a8266824ee837d1d2b28b5bf3a65f8bcec4c47a81c4d28df3a0eaf1de1ea3e083d08d184f477ea8990e5254889399ac205180c84be05b4a4a472cb93d4e01650a00447bd29b781c2aceb01f60c5d154bed2fb0336e71ec264c8c2eadd93ce5a69623447c101083003d4fbd2dce8464cdf10096ab631de294a89ec641821db5db855f0cb46f652cbe7d619862e0c73992e9e7b269aa72276a9e54898f77d22b512e450327be8a37a2df735e283762477c65a777343d850ff9ff9478e5759e7d3e40727de2192c8eff0766342a9d4dfe16e0f5aa628e2a3f6e4d408e79bbbf81db3e68c41d2ae29cdb8191a1f9a42d06d738314b11ed92d25027399c6f7dc8a3036424d88928bff7ae9712967c1bc5cc26b360545a8f22f28ca121841cf02e2b8422074e6ac246fd134490775752201bc39ba6610a7eff8571bb3fd5c70b82e83bf7c808ecfbe994f8342baccd82dc8a18fd7dbdab76a0ab93ec4c3f0a16f645cbf04141d1380108ece0afd76623e2942c94e92c230f1b8f7ef18850e09e157d3ea4ae5b339364c32786a8f075af92421f1866a9b333a28f5f61c15e65d71c6ba2eff04b914a45f97e5b31ae95035bedbea5524fccb7a1ad88d4569d9f7d135f49d92d6d8c0798883839d6497cc27a98ff145cfb7bececcce784d30462cb9529b6221d83d349da4811148a30f45e8057de474c57f4074c04e827d0652f96f28e8b71c32442545d4690408373d70272ce69adc3dd457586530ed286753097743c271d35561a659208c5a9b276a21d8ced64c9d4e187ba19393638423ea012ca3f3cfa8c48301570defec3beb553de0043811bfe2d1ec131509f6aa4d26c1508c1333e65a2ab2ef4bdd7bca20c7a700eb3311837e95d1f61e042fa90cdb85062ead234666d219afaa51f6317d1da1938d78356b0331a3948096899513cc455c6e3e3246023d36bb4643c4a62b86ac3ec6858d2a024b902376c450b89de88d2e80284e1eacf60dd3ba1ebd792836b23e2e1504a70d9d0aaea2c30d6ff18cc9977561e5f20116ae019aa4a491c36e52a0428139dd4862e457144e7669d1aa8c789d285234b74157f3eefe45b85f99d91dd6ff333e8f762c863574624b869e8767fb00fdb2aa5f67203865b7507b1137e958a1d1dc798e544a4005506372b32629f672bcd8ef10b6957f5bbc8da3be3ce18a1776d459e35c3e8c00538602d331b8203a7a5f38856deb9e0e8b20021ee31e12e749493c031ce21815ef841bffda89c93d63866a1aba31c7525d372e81fd96c2585799670ec211f6c615e39dfdc5c0174ce4c5f9c2f03cd403d94461ebea1e0dfe060e10c9973164850888a6dce6108b8589913725cbb0b244df5e2f0026a6614976d0e0ddf7c6cba937427722281a02085ffa6a36c356e11b2d9c775c85fdc966e8408d3440d70780c0ba7820d0296a71803e965d1733ef0a01815321d03b44877d873182bb72dc6c33af92476b1f0274821a075fefa509c901d6e352b630f7fc56cd7a692e33feb0a2f7a6a7ca8a84bad3aa09ae2c08db614e0362b8ab3b97daf772582f9576e3f1c8b2e09d2d55ca4123a9188f2930a780189ab3730a5eaebb16b8239fddd31c8b36f2731b9636d094caaebad25c4d6e72a116fe4dc8996005dab1aed5cc5dd53ad681213fae918a81f12c1c7865c001e2f1f148cbedca0828fcd797e5d61546daae267b233c663131e46028c3b8e30ee04f39505dedc153ad08f837091bd9c4e1fdec29b4064543849fddb30a8d9218b1eab45028b5a5824773633c0dcb53fd6aa03158bcb8e42bfbacfa8dc3ff971adc36fc31245fa6aef79b827a36809e084fb29f69d040606392a61a8d3f56759189d55bd654859924172b8fa7120e82681728f363acfa2b92edee67d4287ac8d89342765609481d1bbe981c1cee05305741db2fbdef213853fa0fbec3b023747529ba285cb9aaf4450d7fb32f35056ea509dbaf394aeaf56fac7dc1079ab01648c3dba213bb04eee8b261343d1f1cac42ced613da2467bf1c1ceeb9d2657b3ba981c87a4f5e1138b901564b0f78a6e1d05568f4d48a841e047288255d05c17413c1fab0455e415f5d8a8b107345a5c0f8fe645b292ad7a70eb7336302e14ad32c12191c6e274ac89dab2e06ec752c84582e9578a215e8dcf2670d7d262c4aaf57d6bf122d32dab6d221f9cdb424f5541c2364edc92744eb2c2888d2a845e732d2d7add1af8076b1a9da6396f87506121ed8dc5c8dfe6e97a1741185c67a78ffad95b3a05fe99ab3927b2e7bac24ff8249995dca973622b29e9bfd3e793421f44a58d32e518e2a75cfd17141417f22ffe0a8c95c7fc7c8bd78d71787131eea1f27b6e0bef1ef7bd2f1b669f82a35cebed6ebbb8249de3589a9bc5c7ae25917f81d90c248dc755fff8a039f36d967ec6f3d6244a9177cb3eb79ecba7eca28a94e71e8f02c77ded922c91b3abbb53ae8ddff4ab47dcbdb8521f4182935e2df8314439a0562a8e1b447bcd968d248df4f101e02a34a5c0cc8c55a9ec73a7f52452e775a2fee449fefe105ef3ea5530c418179f60d2a4569a91bf8c69222816d0804445b5cb53bb6e898883510cfebc42fac24d0b3d785a5d5ca4649b826a186071ed3f98d2c7543a3e0df24d74d9391ce766a4dc70c6d08cdb6af4f75bc4f9bbc0a5e80859efef6dcc1aa3a2e776509d23a33fcf83d0ea1ee8e0875fc0e80a7f4c489c604afa0f550fcd49466bea92191523650aa445bfc1b0eb0e01e4e1094fe97522962118b91fb513841d87958e7996f39e8c070280dbdb3e999c252e70cec5188f78a9162b260f8e8f99fd9b3df875e584d98296752d448df46dc4246755121a1cafcc828c0ca6dd4655c66450f7bd5d329bddf970090c0549b833b47c40ae891d68cf2986d4571d6a0e9c6b326442583d04f0468d8ade4638e149bab2470554364a6427896b9069683d70568373df0f2b8b675d0135de74fcba823a126a75bce3dfd21fec07e73656440949bce1a6f4d79623f326e10a657dca20d79de31164d196ff44f37cfafe8a90d29d134efc82db36e5eb633d208fa330cd6cd5c4cb501e1ce97cd856398687c0ce47386ca039d5612829e0f8d0260e61a2d2922113ee7e9f0fa3de6afbd89ef6bca7300174830bff3f947ae4499fd357041bd8aebd3c80d17120e42837d856aeb03d219fccd0a52440a593b7fd9dff080b2e89dfebf0548fc9a18e335d60f393f06781534281d6d4d36a66e5a641a30d04ebf6cf78966a5629a44e6f02ad3e3c26ca32423485ae68f946f4c48cf5e912fb3ff5c74b60e840cc6e341fb770fae39d9c693f27fa007d2721e0db8bd2ecfb9b9d4eb4b819b081b5f67945b0ab0b8ade0f2e036b56e7178493ec795c9022caecff6e0fc81b97d57b6cf225f268586720519bb6fab0c4a33b55df853c8667acb9e96e94924237a68aa05aecc6a4e1af2e89aed086185c5b9444da34fa9e210a2ae7a8aa59dfd1a7297c641f06c274833bdbef7988b8cbef65e030bad5efcff9bab562f1a65d8b64ee2f0247feec41bace55b8fb51fc0b04a15c3fcd09be371696bbbc6ee76830ef1f4ffba28446e36bf39d489f0250fbf9d588623e1f6b62d874f9b76bc86517f7ed8d8a1bf82b5e2ba392658cc317227258aa7f2aae9c4a636b9698f85bc4fe577e246d04531c8fe6ad38386baccf3a6ad7429b78acabdebe0805f17b5a43aacd00b42d86b9d127b25feb950c12eab58e7a2600864afa643f3e5b50dd8d89beb6410b674397c79fbf351e63b0680620871c08f7d06b2a4aa222d299a10b31fb28cbc4c170eea4c4d8033c5d4ea4bece9f048bd63961c25e63e941f3248d6af72f7a814bc16b51e22b54e7c84e9f3076f59b505e6e84838c955ad8be00dd594fca33595c2ab85f80a197cd045f738294704f516c23d7a11d0e26a41a834c6f19f48179b27953917f065ecf275ca7bdca5819ff48cbc993a8853e85bf5c8e81f00b9cb3f25e16bd611e7fa5fb2beed364578b6871d4bbcc8363467b4123c844e894933dd2b703044afba08d3564c801e83efd11dc6aa153249a153718235c015f030c6576f8d8a03fce268a5934fd30187e386699d4c85cde2b9e56bb0da27d40de33c996023489378a09719e85623bf1b7fd36d0f33980d99afe2be5ae115146ecf55028ae41650ee83e8b12c09c0bae234aaba04c42da9f5f7552f11567543f83957dd087e56d4d3d7318445e7a74827bc266fba8518e1bcf2bc2f7906a3606f1628d7550d7ddebade6f58fb9b1a2fd8a2013de98b1200c398b066197a1ab281e11a93e33c7b8514b98d574a09ba9cbae385baeac17759baaed0779803b7964f4d57e1e4f8d3e16e3602dfe4715597056ebcc6ec84de6b71bd3e196a2897a3852868eaf70c0fc8651b9ff779220d44989f0d20adb763b1be1b65dfb1dcdf8f1078df8b461b185bf17385ed61a7457fa348b6ea495643a78b4c8ddf521991527060bc38292ff278881be04e27e24c5ef9988b2f4449f7eeca220a269fa49609370dc6a3b230fc86787d33696927e4bbb1e2f91c9d55a1f2416ee30076c0446d9afd77732591e6a8cff4b0b5e04ff1ce2baa995041b8149ac8b98c4f6d2e8382bc38629aa926ff14d50ed8e7260978abe23fa595ee07a227f0d7f7f979aeaadcac84ee183cd3c75f90f76e85405556f4b2da9e7e29ff5251c3a8c8bf9010b93d84530841c19fefaa1ef92b65618b1b26e004433eca2d21ad371bc1f2edca16424a4af47f72727ce884fe9d7410a241dea87a4f3b18712dd0badf6d382c3023ac8ca03a24b5e6df5417ab0ddb9a2da98510b07d6c37df45a0afd9df8bb659b656396e87eccbb52c558f859c409e4f5fd6cb36e7d973d5e828bcefdff27abc30d5a83d75a6af749ea798d30560732fb329e9081b8d5dd7734637dbfeb5af293de4ec884a58aa1769aee4aa04764049d1dc41215704cfab6fc962b550618018140fb16843f9838a4b8d3b6fd374a580ddaef28fa571ce313498b4c7cd33c84b1de77b37323089f46880abe99924033a699d01574ee2ec6a7dcd56f6168fdbc5a94f3e1ab7a6ec80c43639053d1ea74768d0e9aac2b2c6ea719c9ccb18a46c04fb8a4d08eb983c47fbec7ba674bd8e07e9fee44b78ee0a948340813554a6ee3b64d3bfc31e226783f6329a3836a741e6ccde80126b24f63d3"}) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x842, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000100)="8e0e9b50081b3d559b3348", 0x12e9}], 0x1) fsmount(r1, 0x0, 0x0) 00:40:08 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x5421, &(0x7f0000000480)) [ 135.403438][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 135.432438][T12233] loop4: detected capacity change from 0 to 264192 [ 135.435247][T12236] loop2: detected capacity change from 0 to 66 00:40:08 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 135.465026][T12233] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 135.476848][T12236] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:08 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:08 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x5450, &(0x7f0000000480)) [ 135.513022][T12251] loop1: detected capacity change from 0 to 264192 [ 135.522291][T12251] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 135.533733][ T1040] loop0: p1 p2 p3 p4 [ 135.553119][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 135.553137][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 135.553531][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 135.553800][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 135.566150][T12236] loop2: detected capacity change from 0 to 66 [ 135.566736][T12236] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:08 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:08 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(0xffffffffffffffff) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:08 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 136.050383][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 136.081602][ T1040] loop0: p1 p2 p3 p4 [ 136.085775][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 136.091799][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:08 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f0000000040)={0x1e1, 0x20, &(0x7f0000000d00)}) writev(r0, &(0x7f0000000080)=[{&(0x7f00000000c0)="98f3a44c06ec66e524a678ef7d2b762c0a7e9e8502f7d4c7b5587c1caae57417d06aae5c9374e41c1ad475c4543248600ef645ebc0b325495214830dec2dea25c80e61118467bbfc11adef7c718596513f8e53a8c0072fc9c0d60e15f94044dd5e3a2e66b1bbd990ee4abb7a0152363fcd355b22e6c7f55d87a635c9740782784b2fd4395a1955922e3afd09f518abbf57bd222fa8d96b3349fb5fb1326a6279b2ded9f8204da3804c7d527486db60ed52f0c0923cfa5e1302e92a9bd9303c48788a73cc10e5d52492a7b22ca2d9a2041fd94c5191e3e9ae3591a7baa4087757bda3fbe6746e7bb4dbbdc818abfcb2deb8af9b60b4b1771f262b70d87ea5758f24fc64e6724d58f1c4c4a84870c8d241b492c151c1df99a8520abb14a63883cf5f5864a42af1c6e354d9a24307bc13a5d483a937d44403431633cea13c93ac9b0671cd3ad68a274bd785d9ba0186be2d7aba4a3d78f81999ed98bab1ba719492026b29a516477102fe149ff6918b374815d92f3ba466799d272e923d4172d5dfccea48f3f6f5e8b85b720e58496fdf763d224182791429611d0e294b7ce59179f2c3676568f76e78055f9eff51828742e1a18b46c54601f3467955e21bace6454226f7ec2766c5bd09db60e54ef93b7daac95dc83cded72c887bedaa3a0afd921defabc46806da6d36fb509681b8fb7f7d3779d2a026dad258c31a677158f969efb77bdfcf39907d721f7a485f85cf4ba77d725dc01d21dd04573b21c5be28cb853884cb4b0606958330e1fc8ea65acc7c12cf494f46c4161c066f96a64e047aaafab66b2b0b0ea50de15a369fa90b171163cd91530d547033fa50e8e126a356201e075129dedd3d3f668837dc319d9e10a0f12b9deb0e275b7a304adb05a207b3c435c2af898393719df2e6708ad3e4d512d608a61b3f3bcddf7ffb863495a7859f34c5e934103a0e0d8b9bd11236d107466c286c98c12e4e1374983f955fe57d10083c019ed6ef3e01f3563452ebb37b9d48deb31dc44d643ea4d5edd17286ac7e03b8e1927105678685e2c3e5c9554f401f539ed33a236896ad8301e432ad5e56309a1f44a72650ab38a043d2454c5ab049b7da2e4d93679cba53799bcd48d61b4a83439541b485b784defa67c248a5d18915ae34b53b272beb850406fe186f78f844b7cbfba0d3e51f1b92582dbd29465b6a1ca22a34d07db9d8db1539301475493fdeabfe1834db42c1b1b46858e9e170c830c2863047fa7a2e6f6000fdf775441b1c63ce6201fdbd3807efab778b5dfc0a06b2cd99c6403e2f791c25da56a34cad93cd6616c0a799818244610f61cfdcacbe02cdfdd3c9be450d65a4393c30eb826fde9abf42ee0a062377de75beac4baca37a3cfd1ed03e35c90a32b79ec3903fd39cd61fbf7296ee44cc48b0a9ee007ccc0af38f1491d201c8545fbc18b7a6884b0c4b3f830795fe058827144fe99df5e02137ed9fa58e534d29188772519d711e9feb566ec881094db418781133e487621ac2ca2f7262bee8f8fae0375096f21c89a1ec3777c16d3e00867b50e94a986a919e5463ed4c91748cc11c74a4252aa4ad209c544bc6195eab61e0ae87d30a5c0089037070fc077fda7fed906dacbbcf36580a6129f709d5ca2c7d0fc6be9462e179eb69709463870c6a557142c827161458da7b2076ded98534373d2334a0bae83d9a11118f7ba8269a812e6921058a9c400c645b009b77aa03b5d92e5c886e7e05f6397338e60cc67e9139f46efa36260dae9a11b6aec09cee08ca75cc365a13d7a3fe3f6e1d22da73cd4fddb3eab0dd45029c9f2da314ff25660284df12200c3b9953f89fd494656da42457269f94b61175ef93fbc3a638dc9425bb30518fe2ed4f95139d6edbc03ac5f714ebc619d31f2950b55525a4b24d492156a434c556ad0a82e4fbc25270ade4d280836adc11b8ee009b8e8f64b9d81ccdbe5c0059f14187380e9f3fb42cf337fcf90a16a09eb40ebbf44ef76f412225bf1a825bef84727f354caefc0fd3e39cf5070b76605d814dd0888c27bcb4c9939cccade5c94049295835f952f312b648ad8762134bb900727554d2412f117e83639e3152c811cc8807de8a70fb78a7fa2b1e4979ec3ce006f4f7ac40d6b73e0aee35ff75ad03c0d4eed84030cbe57644ab17226004c12a984b98c0f16184e9d59d2b8a71ec7edb18cb5be53a08b8386297ee074ff1bbcb7e875efec34b72db2c507004c919d0b32f462dc8c5cdd8f07b57b5fa04ed6501adc22c01e23b2370e4b3f890b8d10d6234bb22b61d7a036f6601c7dff0411196311118e2004b7985fdce7075648b14ff57938eefdcb97c414a6e6a2f7aa04548af4fba18edf3cda5056ae0806c306368e4801db336ef69225a76560c9ee59171a9f7f6baedfc954f33863fa07508feb2e43a1d1a00b37dd03e38c2f75192e9dd9d751e4e58fe54f365cf8191bf13d4bd71e2725b521bafff0ff10f590189201b2eb1ffe75f3b28f5b6c1e9b3ab5a66284a77885b334c400daf4cb75c158a06dd3bf564b61ab6ff1db368dfb7dd48425b3baada136917fc06183ebf31150e2c8b3f73ccf65de40c6e1290f37675cdf6b105f2c0440b8aca041521bf6a3af0277e4e40fcdc8861bce0baf024ec5517c509ffec314924bcaff1c0c267e241951610ffd4e8c5ca1d9f6a71eae1dafffc7cabe929b1ed7766b81ea954f50f091a9d8aeeea8f519614961066069ebbbf5c8d95ddc2ec29f3ad2e929c1956a69a40508cb899d54358e93db343b01b8bd2f5929bf38df2b90c5daa7a21b30aaa7c87c0ecb280c9ad7eba8c9a9efc95c25143d37116ac145e0284f28bef5eda97325dc7e37866306acb933ed4bf29736b4985fba0507b5ffbf7321ec5eabecc601409dbb3f8d204af17e716d4aa7cf99c2656d4303570eeb7aa2c6d47cb3bcbf2039649b4d18f7d1c437a967f69b67011f926dab5921efd3cf2d58c069931da6c62b1aefda5fc9e001ac3c8d5f24a2134183db0fb6c27812da76ed8018cd21385f116415e5498ad23aaa8a6848feb4cd9cfbf712edb5ab922ce835502015ff130cbbac8fb3347287539e941e56e1958be28daceccd01cb3541f6e0511681c00a2a9245e3b580ac4cf64171e134694aa0f77a7a28448da50f3bd5c58a3b50b900bcce48bc3ad0c70f30486e3a74991296e36918717804170a566fbfcd708082c1062968b83c0d0c40152cf29f7f6d0de47c895c6ac639619675a35b6984b15361250daf6a49747354df78d81514c2a5e426812bbc0ee15ed046395b8540d6c744b2f103471a554bf46b5fe20d2174ccd8a06d853bb9744ebcf38f279a570790f719a1942096691055c781bca43c883e586c7c8daf8752e58d24d5bd07821aaa736be1f1becf1d1dd9be4a68c8c696b89f1cd33727c092fab173ba6aebec34e1c62e7fc4ab0a2a7511606daf26892f5d666fec16bcdedf38c33ff03ed56062d8493af50581d0dcdf83cb6db4fc0028d0856b96f2e5e288953e98b1309ded5ae76eba58db8a15930a01b105dc6ca8e96e58f07498f74ed5ef9e75abda48cfc3ea03388d31c7602109306bafc0b63dda6c4ec6df02b6946adf9b8af8162c6114c76788719227e4538d9725197e9fa4966a00907e376ea328a0142aaa108a30556d5dbc928ff6d40b7c26bbfef2f5651a22ec58e03814a1eb9b2c1cba88a1031f2e3ffe8cebbcc21c8afb66376c739cfe4e459f795ba9384c68cfd8f96e1b50194e3f98fa27cd2cb79de6fb9632f7af51b46ce8d924f515ddf8988c851ee57c7345e8c8717e8440c864cee91d1261874335f1588c2b1dccea0e444eb93e18b996d623918acbf11ca8cf4a7f6c8d9e0a127629dd15f4cc5448efb9faa8edddb921612fa6cfbce83f6d5acfd91319898ca228745aa16bc93fc12526f9e665fc82a7fc7b049cf44c2bc15d332d19ca313a654fdc90d57a0ed92b664b275bf0e747fde496e10cb2b83730b7c5ecfcd94a85abb5cee20299e6a59962c97cea93b9f05d9716ded93a723f7a37e06c88e4951352ec40b6c514080afb15d2966bbc6375f7eb2915b1a86421be3ba0591f59f80e01039ac94ae7a1e623b3009ec190f124e05f73533ee3a52dab913848a11e82ddf5fd64b0c4a626ae8b87e410472b83ce7696675dec104f4a61c263f86e82406a394bf6465dbd28088f75584e10b77979184a5fa2fcbcb176ed4fd5c5fb6d6a90f7ff32902f2a4353f225e4103c740fa8a495e20bced4c3d97222ae046361a46471b07df2ddf77d7b3a1ede7a440f05be7e6846f41f4c75f3b4d29594990cef2bd00e6c572b59d32b54949d336bff2aa412be8ac1a6574adbb8af21b8ec57f1101883403de3f29530dc7f40872d8ac6a57d1a6017cd8cbf79afab13cf49573c935eb6879b67d079482f08ad8c46d1b45", 0xc3f}], 0x1) 00:40:08 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x5451, &(0x7f0000000480)) 00:40:08 executing program 3: mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0x4010831, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x2) r1 = fork() sendmsg$netlink(r0, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}], 0x20}, 0x0) write$binfmt_elf64(r0, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x3, 0x8, 0x4, 0x8c, 0x3, 0x5, 0x7ff, 0x3b7, 0x40, 0x29a, 0x1, 0x20, 0x38, 0x2, 0x4, 0x90bd, 0x7f}, [{0x60000000, 0x7fff, 0xe60f, 0x6, 0x100, 0x100, 0x4, 0x7}], "a74381ea7a55043762e892f5d261ae1f2630f9631bdaba8e8bd68ba0a256e4ecebd33de5a103a5be9a9ee8cfe89e9664127ff79608b15243f350951107cff56a9fbeb2752a8a9785bbe5a0165d81b7", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xac7) prctl$PR_SET_THP_DISABLE(0x29, 0x1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) 00:40:08 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(0xffffffffffffffff) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 136.093344][T12298] loop2: detected capacity change from 0 to 66 [ 136.119151][T12298] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 136.128518][ T8] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 136.139789][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:08 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(0xffffffffffffffff) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:08 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x5452, &(0x7f0000000480)) [ 136.147511][T12307] loop1: detected capacity change from 0 to 264192 [ 136.153694][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 136.178893][T12307] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 136.195593][ T1040] loop0: p1 p2 p3 p4 00:40:08 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 136.200207][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 136.206243][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 136.214498][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 136.223603][T12298] loop2: detected capacity change from 0 to 66 [ 136.230717][T12298] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:08 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:08 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x5460, &(0x7f0000000480)) [ 136.248480][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 136.298482][T12341] loop2: detected capacity change from 0 to 66 [ 136.310696][T12341] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 136.344613][T12341] loop2: detected capacity change from 0 to 66 [ 136.365399][T12341] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 136.441076][ T1040] loop0: p1 p2 p3 p4 [ 136.455214][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 136.461263][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 136.493867][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 136.520437][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:09 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:09 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x40049409, &(0x7f0000000480)) 00:40:09 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:09 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, 0x0}, 0x10001) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r5}, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r5, 0x4, &(0x7f0000000080)='[#\'@-\x00', &(0x7f00000000c0)='./file0\x00', r1) preadv(r1, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_NOP={0x0, 0x5}, 0x4) mmap(&(0x7f0000101000/0x4000)=nil, 0x4000, 0x2, 0x28011, r0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a000028060001001a"], 0x1c}}, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0) 00:40:09 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 136.559631][ T1832] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 136.637151][T12370] loop2: detected capacity change from 0 to 66 00:40:09 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 136.679897][T12370] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 136.697054][ T1040] loop0: p1 p2 p3 p4 [ 136.701254][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 136.707293][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 136.721279][T12380] loop1: detected capacity change from 0 to 264192 00:40:09 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x40086602, &(0x7f0000000480)) 00:40:09 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, 0x0, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 136.731295][T12380] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 136.743377][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 136.755869][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 136.764313][T12370] loop2: detected capacity change from 0 to 66 00:40:09 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x40087602, &(0x7f0000000480)) [ 136.776678][T12370] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:09 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, 0x0, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:09 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:09 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x401c5820, &(0x7f0000000480)) [ 136.897718][ T1040] loop0: p1 p2 p3 p4 [ 136.913507][T12416] loop2: detected capacity change from 0 to 66 [ 136.920140][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 136.926170][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 136.942550][T12416] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 136.952422][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 136.988495][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 136.996499][T12416] loop2: detected capacity change from 0 to 66 [ 137.004632][T12416] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:09 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(0xffffffffffffffff, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:09 executing program 4: r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r0) r1 = inotify_init1(0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r3, 0xee00) fcntl$setstatus(r0, 0x4, 0x2c00) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f00001d5000/0x4000)=nil, 0x4000, 0x1800009, 0x110, 0xffffffffffffffff, 0xfffff000) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = gettid() fcntl$setown(r0, 0x8, r5) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) setreuid(r3, 0x0) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r1, &(0x7f0000000040)='./control\x00', 0xa0000000) rmdir(&(0x7f0000000080)='./control\x00') 00:40:09 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, 0x0, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:09 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x4020940d, &(0x7f0000000480)) 00:40:09 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ff9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 137.115734][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:09 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:09 executing program 4: r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r0) r1 = inotify_init1(0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r3, 0xee00) fcntl$setstatus(r0, 0x4, 0x2c00) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f00001d5000/0x4000)=nil, 0x4000, 0x1800009, 0x110, 0xffffffffffffffff, 0xfffff000) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = gettid() fcntl$setown(r0, 0x8, r5) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) setreuid(r3, 0x0) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r1, &(0x7f0000000040)='./control\x00', 0xa0000000) rmdir(&(0x7f0000000080)='./control\x00') [ 137.210862][ T1040] loop0: p1 p2 p3 p4 [ 137.216223][T12443] loop2: detected capacity change from 0 to 66 [ 137.230077][T12451] loop1: detected capacity change from 0 to 264192 [ 137.238193][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 137.244228][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:09 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:09 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x80086601, &(0x7f0000000480)) [ 137.271647][T12443] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 137.290299][T12451] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 137.303980][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:09 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x0, 0xd9f, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, r4, 0x9, 0x0, 0x0, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}}, 0x0) sendfile(r3, r2, 0x0, 0x100007094) 00:40:09 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x80087601, &(0x7f0000000480)) [ 137.328565][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 137.341291][T12443] loop2: detected capacity change from 0 to 66 [ 137.350988][T12443] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:09 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(0xffffffffffffffff, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:09 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:10 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x801c581f, &(0x7f0000000480)) [ 137.387686][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:10 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ffa, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:10 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0xc0045878, &(0x7f0000000480)) 00:40:10 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0xc0045878, &(0x7f0000000480)) [ 137.502782][T12490] loop1: detected capacity change from 0 to 264192 [ 137.511711][T12494] loop2: detected capacity change from 0 to 66 [ 137.524445][T12494] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 137.525993][ T1040] loop0: p1 p2 p3 p4 00:40:10 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(0xffffffffffffffff, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 137.550753][T12490] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 137.552989][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 137.565826][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 137.581342][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:10 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0xc0189436, &(0x7f0000000480)) [ 137.601239][T12494] loop2: detected capacity change from 0 to 66 [ 137.609197][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 137.609630][T12494] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 137.624662][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:10 executing program 4: socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfff, 0x0, @perf_config_ext={0x40005, 0x101}, 0x404a, 0x0, 0x0, 0x5, 0xfffffffffffffffc, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x7, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x400, 0x100}}) creat(&(0x7f00000001c0)='./file0\x00', 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) eventfd(0x1) openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) setfsuid(0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) fchmod(r1, 0x0) write$eventfd(r1, &(0x7f0000000540)=0x5, 0x8) io_setup(0x100, &(0x7f00000003c0)) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000080)) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c9, &(0x7f0000000040)) 00:40:10 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0xc020660b, &(0x7f0000000480)) 00:40:10 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0xc0481273, &(0x7f0000000480)) [ 137.670512][T12519] loop1: detected capacity change from 0 to 264192 [ 137.690202][T12519] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:10 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ffb, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:10 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 137.803707][T12536] loop2: detected capacity change from 0 to 66 [ 137.816674][ T1832] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 137.855602][T12536] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 137.884255][T12542] loop1: detected capacity change from 0 to 264192 [ 137.890919][T12542] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 137.910936][T12536] loop2: detected capacity change from 0 to 66 [ 137.911497][T12536] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 138.010970][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:10 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:10 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ffc, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:10 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:10 executing program 4: socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfff, 0x0, @perf_config_ext={0x40005, 0x101}, 0x404a, 0x0, 0x0, 0x5, 0xfffffffffffffffc, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x7, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x400, 0x100}}) creat(&(0x7f00000001c0)='./file0\x00', 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) eventfd(0x1) openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) setfsuid(0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) fchmod(r1, 0x0) write$eventfd(r1, &(0x7f0000000540)=0x5, 0x8) io_setup(0x100, &(0x7f00000003c0)) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000080)) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c9, &(0x7f0000000040)) 00:40:10 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) r1 = syz_io_uring_setup(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r2, 0x0, 0x10001) syz_io_uring_submit(0x0, r2, 0x0, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x100000a, 0x50, r1, 0x10000000) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f00000000c0)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x0, {0x0, r4}}, 0x2) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 138.294877][ T1040] loop0: p1 p2 p3 p4 [ 138.299003][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 138.305019][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 138.335559][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 138.351956][T12563] loop2: detected capacity change from 0 to 66 [ 138.355365][T12568] loop1: detected capacity change from 0 to 264192 [ 138.371577][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:10 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0), 0x10000, 0x0) ioctl$BTRFS_IOC_START_SYNC(r3, 0x80089418, &(0x7f0000000140)) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@mcast2, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@initdev}}, &(0x7f0000000040)=0xe8) r5 = memfd_create(&(0x7f0000000440)='/dev/urandom\x00', 0x7) r6 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000005c0), 0x2, 0x0) dup2(r5, r6) statx(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x7ff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@empty, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4e24, 0x1f, 0x4e24, 0x101, 0xa, 0x20, 0x20, 0x32, r4, r7}, {0xfee2, 0x200, 0x9, 0x6, 0x39, 0x4, 0x7ff, 0x9}, {0x2, 0x375, 0xffff, 0x8}, 0xc5, 0x6e6bbb, 0x1, 0x0, 0x3, 0x2}, {{@in=@empty, 0x4d2, 0x33}, 0x2, @in=@empty, 0x3503, 0x0, 0x0, 0x8, 0x7fffffff, 0x4, 0x5}}, 0xe8) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 138.382301][T12568] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 138.393220][T12563] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:11 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:11 executing program 5: sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x40, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_HIDDEN_SSID={0xa, 0x7e, @default_ibss_ssid}, @NL80211_ATTR_IE={0x20, 0x2a, [@ssid={0x0, 0x6, @default_ap_ssid}, @supported_rates={0x1, 0x1, [{0x1b}]}, @cf={0x4, 0x6, {0x20, 0x9, 0x80, 0xf2}}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @ext_channel_switch={0x3c, 0x4, {0x0, 0x6, 0x24, 0x7f}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) write$binfmt_elf64(r0, &(0x7f00000004c0)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x2, 0x1, 0xe1, 0x9, 0x2, 0x6, 0x6, 0x7, 0x40, 0x27, 0x6, 0x1, 0x38, 0x1, 0x7, 0x9, 0x8004}, [{0x7, 0x803, 0xce, 0x3fe, 0x4c, 0xffffffff80000001, 0x4, 0x5}], "078a1c4c69fc2b80fd1a4593ebae58f6c85fadfaa28224470f0f13e4e7cc482adec706429005416d6dc7b1c711b90b7a626ce9193b49a0", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x8af) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 138.447953][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 138.461975][T12563] loop2: detected capacity change from 0 to 66 [ 138.482091][T12563] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:11 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ffd, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 138.546131][T12594] loop1: detected capacity change from 0 to 264192 [ 138.558364][T12594] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:11 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:11 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) r2 = socket$netlink(0x10, 0x3, 0x2) r3 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0xa6, 0x76, 0x1, 0x80, 0x0, 0x40, 0x400, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xc9, 0x4, @perf_config_ext={0x7fe000, 0xe24}, 0x314a, 0x2, 0x2, 0x7, 0x81, 0x40, 0x8, 0x0, 0x7, 0x0, 0x55}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0xb) preadv(r3, &(0x7f0000002940)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000000340)=""/179, 0xb3}, {&(0x7f00000000c0)=""/32, 0x20}, {&(0x7f00000004c0)=""/175, 0xaf}, {&(0x7f0000001640)=""/230, 0xe6}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000000240)=""/86, 0x56}, {&(0x7f0000002740)=""/206, 0xce}, {&(0x7f0000002840)=""/233, 0xe9}], 0x9, 0x7f, 0x1000) r4 = fork() sendmsg$netlink(r2, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000005, 0x4000010, r2, 0xd2508000) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14, 0x80000) fcntl$addseals(r5, 0x409, 0x2) [ 138.635289][T12603] loop2: detected capacity change from 0 to 66 [ 138.650655][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 138.684556][T12603] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 138.723031][T12614] loop1: detected capacity change from 0 to 264192 00:40:11 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) r1 = syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000100)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r2, 0x0, 0x10001) syz_io_uring_submit(0x0, r2, 0x0, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, 0x0}, 0x10001) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r6}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x2) r8 = fork() sendmsg$netlink(r7, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r8, 0xee01, 0xee00}}}], 0x20}, 0x0) r9 = syz_open_dev$vcsa(&(0x7f00000000c0), 0x200, 0x0) bind$netlink(r9, &(0x7f0000000140)={0x10, 0x0, 0x25dfdbfd, 0x20}, 0xc) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x5, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r10}}, 0x3) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) [ 138.758032][T12614] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 138.768179][T12603] loop2: detected capacity change from 0 to 66 [ 138.777482][T12603] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 139.047794][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:11 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:11 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) syz_io_uring_setup(0x2d37, &(0x7f0000000040)={0x0, 0x0, 0x10, 0x80000000}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f00000000c0)=0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x10001) syz_io_uring_submit(0x0, r1, 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000480)) 00:40:11 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5ffe, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 139.173842][ T1040] loop0: p1 p2 p3 p4 [ 139.178030][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 139.184089][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 139.210051][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:11 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:11 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 139.220952][T12647] loop2: detected capacity change from 0 to 66 [ 139.234136][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 139.249151][T12647] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 139.322748][T12647] loop2: detected capacity change from 0 to 66 [ 139.325897][T12664] loop4: detected capacity change from 0 to 264192 [ 139.335885][T12665] loop1: detected capacity change from 0 to 264192 [ 139.342867][T12647] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 139.353334][T12664] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 139.377694][T12665] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:12 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5fff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 139.497033][T12677] loop2: detected capacity change from 0 to 66 [ 139.537257][T12677] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 139.627915][T12677] loop2: detected capacity change from 0 to 66 [ 139.642495][T12677] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:12 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 139.773388][T12691] loop2: detected capacity change from 0 to 66 [ 139.799366][T12691] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:12 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 139.838757][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 139.878053][T12691] loop2: detected capacity change from 0 to 66 00:40:12 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 139.887982][T12691] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 139.898676][ T8] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:12 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6001, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 139.952832][T12702] loop1: detected capacity change from 0 to 264192 [ 139.978878][T12702] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 140.008438][T12710] loop2: detected capacity change from 0 to 66 [ 140.029412][T12713] loop4: detected capacity change from 0 to 264192 [ 140.037225][T12710] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 140.062598][T12713] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 140.108258][T12710] loop2: detected capacity change from 0 to 66 [ 140.129537][T12710] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:12 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 140.162060][ T1040] loop0: p1 p2 p3 p4 [ 140.166238][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 140.172277][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:12 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6002, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 140.214148][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:12 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 140.259266][T12730] 9pnet: Insufficient options for proto=fd [ 140.273399][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 140.308531][T12735] loop2: detected capacity change from 0 to 66 [ 140.333762][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:12 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 140.351520][T12735] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:12 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 140.379583][T12740] 9pnet: Insufficient options for proto=fd [ 140.392894][ T1040] loop0: p1 p2 p3 p4 [ 140.417036][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 140.423088][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 140.441618][T12735] loop2: detected capacity change from 0 to 66 [ 140.451314][T12735] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) 00:40:13 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6003, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 140.476631][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 140.482680][T12750] loop1: detected capacity change from 0 to 264192 [ 140.502706][T12750] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 140.503021][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 140.561040][T12756] loop2: detected capacity change from 0 to 66 [ 140.583519][T12756] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 140.596919][T10158] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:13 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 140.600141][T12760] 9pnet: Insufficient options for proto=fd 00:40:13 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:13 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 140.632072][ T27] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 140.651146][T12756] loop2: detected capacity change from 0 to 66 [ 140.657819][T12756] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (8 blocks) [ 140.662636][T12766] 9pnet: Insufficient options for proto=fd 00:40:13 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 140.692954][T12772] loop1: detected capacity change from 0 to 264192 [ 140.707701][T12772] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 140.727410][T12778] 9pnet: Insufficient options for proto=fd [ 140.733918][T12779] loop4: detected capacity change from 0 to 264192 00:40:13 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:13 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa39b, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 140.746979][T12779] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 140.760243][ T1040] loop0: p1 p2 p3 p4 [ 140.778876][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 140.784923][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:13 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 140.808838][T12789] loop2: detected capacity change from 0 to 81 [ 140.833682][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 140.838329][T12789] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 140.850879][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 140.857829][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:13 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 140.927709][T12789] loop2: detected capacity change from 0 to 81 [ 140.939218][T12789] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 140.949940][T12797] 9pnet: Insufficient options for proto=fd 00:40:13 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 140.994800][T12804] loop1: detected capacity change from 0 to 264192 [ 141.027367][T12804] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 141.071490][ T1040] loop0: p1 p2 p3 p4 [ 141.089573][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 141.095660][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 141.110793][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:13 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa39c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:13 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:13 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:13 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 141.132545][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 141.155156][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 141.162232][ T8] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 141.162732][T12822] loop2: detected capacity change from 0 to 81 00:40:13 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 141.204553][T12822] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 141.210573][T12828] loop1: detected capacity change from 0 to 264192 [ 141.234707][T12828] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 141.259968][T12822] loop2: detected capacity change from 0 to 81 [ 141.262440][ T1040] loop0: p1 p2 p3 p4 [ 141.277566][T12822] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 141.288499][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 141.294535][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:13 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 141.312066][T12846] loop4: detected capacity change from 0 to 264192 [ 141.329791][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 141.345449][T12846] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 141.349706][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:13 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa39d, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:14 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 141.432852][ T1040] loop0: p1 p2 p3 p4 [ 141.440622][T12860] loop2: detected capacity change from 0 to 81 [ 141.451221][T12860] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 141.461252][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 141.467331][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 141.491509][T12860] loop2: detected capacity change from 0 to 81 [ 141.498851][T12860] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:14 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa39e, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 141.559496][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:14 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:14 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 141.599918][T12871] loop2: detected capacity change from 0 to 81 [ 141.610732][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 141.623800][T12871] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 141.635671][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 141.671345][T12871] loop2: detected capacity change from 0 to 81 [ 141.678442][T12871] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:14 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 141.716944][T12885] loop1: detected capacity change from 0 to 264192 [ 141.734945][T12885] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:14 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa39f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:14 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 141.801519][ T1040] loop0: p1 p2 p3 p4 [ 141.807868][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 141.813915][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 141.860604][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 141.888354][T12901] loop2: detected capacity change from 0 to 81 [ 141.894701][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:14 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, 0x0) [ 141.930253][T12901] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:14 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:14 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 141.994616][ T1832] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 142.018104][T12901] loop2: detected capacity change from 0 to 81 [ 142.035713][ T1832] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:14 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, 0x0) [ 142.070166][T12901] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 142.101336][ T1040] loop0: p1 p2 p3 p4 [ 142.105374][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 142.105879][T12919] loop4: detected capacity change from 0 to 264192 [ 142.111444][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:14 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, 0x0) 00:40:14 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 142.152459][T12919] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 142.172584][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 142.180988][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 142.184929][T12931] loop1: detected capacity change from 0 to 264192 00:40:14 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}}) [ 142.233120][T12931] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 142.245912][ T1040] loop0: p1 p2 p3 p4 [ 142.247529][T12937] loop2: detected capacity change from 0 to 81 [ 142.256996][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 142.263022][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 142.296818][T12937] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 142.318410][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 142.337539][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 142.381728][T12937] loop2: detected capacity change from 0 to 81 [ 142.399745][T12937] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:15 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}}) [ 142.433334][T12955] 9pnet: Insufficient options for proto=fd [ 142.441908][ T1040] loop0: p1 p2 p3 p4 [ 142.458421][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 142.464556][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:15 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a1, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 142.494990][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 142.512050][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 142.593759][T12967] 9pnet: Insufficient options for proto=fd 00:40:15 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}}) [ 142.637229][T12970] loop2: detected capacity change from 0 to 81 [ 142.683350][T12970] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 142.722150][T12973] 9pnet: Insufficient options for proto=fd 00:40:15 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}}) 00:40:15 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:15 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 142.786469][ T27] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 142.812335][ T1040] loop0: p1 p2 p3 p4 [ 142.818289][ T4424] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:15 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 142.836617][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 142.842836][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 142.869080][T12984] 9pnet: Insufficient options for proto=fd [ 142.875156][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:15 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}}) [ 142.876610][T12990] loop2: detected capacity change from 0 to 81 [ 142.889382][T12988] loop1: detected capacity change from 0 to 264192 [ 142.911138][T12990] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 142.921218][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 142.951027][T12990] loop2: detected capacity change from 0 to 81 [ 142.959685][T12988] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 142.962974][T12999] 9pnet: Insufficient options for proto=fd [ 142.969719][T13004] loop4: detected capacity change from 0 to 264192 [ 143.004889][T12990] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 143.032145][ T1040] loop0: p1 p2 p3 p4 [ 143.036421][T13004] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 143.046101][ T1040] loop0: p1 start 1 is beyond EOD, truncated 00:40:15 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}}) 00:40:15 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 143.052175][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:15 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 143.092173][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 143.110317][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 143.117407][T13018] loop2: detected capacity change from 0 to 81 [ 143.155549][T13018] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 143.168510][T13022] 9pnet: Insufficient options for proto=fd 00:40:15 executing program 0 (fault-call:6 fault-nth:0): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:15 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 143.200425][T13026] loop4: detected capacity change from 0 to 264192 [ 143.250772][T13026] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 143.270688][T13031] FAULT_INJECTION: forcing a failure. [ 143.270688][T13031] name failslab, interval 1, probability 0, space 0, times 0 [ 143.278722][T13032] loop2: detected capacity change from 0 to 81 [ 143.283356][T13031] CPU: 1 PID: 13031 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 143.298217][T13031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.308273][T13031] Call Trace: [ 143.311560][T13031] dump_stack_lvl+0xb7/0x103 [ 143.316151][T13031] dump_stack+0x11/0x1a [ 143.320316][T13031] should_fail+0x23c/0x250 [ 143.324744][T13031] ? __se_sys_mount+0x4e/0x2e0 [ 143.329510][T13031] __should_failslab+0x81/0x90 [ 143.334274][T13031] should_failslab+0x5/0x20 [ 143.338822][T13031] __kmalloc_track_caller+0x64/0x340 [ 143.344116][T13031] ? strnlen_user+0x137/0x1c0 [ 143.348795][T13031] strndup_user+0x73/0x120 [ 143.353223][T13031] __se_sys_mount+0x4e/0x2e0 [ 143.357868][T13031] ? fput+0x2d/0x130 [ 143.361752][T13031] __x64_sys_mount+0x63/0x70 [ 143.366329][T13031] do_syscall_64+0x3d/0x90 [ 143.370735][T13031] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.376622][T13031] RIP: 0033:0x4665e9 [ 143.380499][T13031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.400091][T13031] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 143.408487][T13031] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 143.416442][T13031] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 143.424414][T13031] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 143.432381][T13031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.440336][T13031] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 00:40:16 executing program 0 (fault-call:6 fault-nth:1): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 143.473837][ T1040] loop0: p1 p2 p3 p4 [ 143.478517][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 143.484581][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:16 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 143.522249][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 143.542772][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 143.553134][T13048] FAULT_INJECTION: forcing a failure. [ 143.553134][T13048] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.566347][T13048] CPU: 0 PID: 13048 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 143.575117][T13048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.585175][T13048] Call Trace: [ 143.588457][T13048] dump_stack_lvl+0xb7/0x103 [ 143.593062][T13048] dump_stack+0x11/0x1a [ 143.595785][T13052] loop4: detected capacity change from 0 to 264192 [ 143.597223][T13048] should_fail+0x23c/0x250 [ 143.608140][T13048] should_fail_usercopy+0x16/0x20 [ 143.613179][T13048] _copy_from_user+0x1c/0xd0 [ 143.617783][T13048] strndup_user+0xb0/0x120 [ 143.622210][T13048] __se_sys_mount+0x4e/0x2e0 [ 143.625884][T13052] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 143.626805][T13048] ? fput+0x2d/0x130 [ 143.626829][T13048] ? ksys_write+0x157/0x180 [ 143.626848][T13048] __x64_sys_mount+0x63/0x70 [ 143.648781][T13048] do_syscall_64+0x3d/0x90 [ 143.653209][T13048] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.659172][T13048] RIP: 0033:0x4665e9 [ 143.663075][T13048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.682681][T13048] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 143.691108][T13048] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 143.699077][T13048] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 143.707393][T13048] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 143.715370][T13048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 00:40:16 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x10001) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r4}, 0x80) openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) syz_io_uring_setup(0x187, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0}, 0x10001) r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r8}, 0x0) ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000004, 0x810, r0, 0x56f6a000) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x40086602, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4000, 0x8003}) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0x400086) ioctl$PERF_EVENT_IOC_PERIOD(r10, 0x40305829, &(0x7f0000000040)) 00:40:16 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 143.723347][T13048] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 [ 143.733643][ T4424] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 143.814307][T13060] loop1: detected capacity change from 0 to 264192 [ 143.841961][T13060] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 143.920485][T13032] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:16 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 144.101115][T13068] loop2: detected capacity change from 0 to 81 [ 144.131896][T13060] ================================================================== [ 144.140021][T13060] BUG: KCSAN: data-race in __add_to_page_cache_locked / dio_complete [ 144.148092][T13060] [ 144.150421][T13060] write to 0xffff88813602d388 of 8 bytes by task 13063 on cpu 0: [ 144.158138][T13060] __add_to_page_cache_locked+0x256/0x4b0 [ 144.163870][T13060] add_to_page_cache_lru+0xa0/0x1b0 [ 144.169078][T13060] page_cache_ra_unbounded+0x262/0x410 [ 144.174551][T13060] ondemand_readahead+0x579/0x7b0 [ 144.179587][T13060] page_cache_sync_ra+0xaf/0xe0 [ 144.184454][T13060] filemap_read+0x388/0x1220 [ 144.189060][T13060] generic_file_read_iter+0x75/0x2c0 [ 144.194362][T13060] generic_file_splice_read+0x22a/0x310 [ 144.199927][T13060] splice_direct_to_actor+0x2aa/0x650 [ 144.205315][T13060] do_splice_direct+0xf5/0x170 [ 144.210095][T13060] do_sendfile+0x773/0xda0 [ 144.214520][T13060] __x64_sys_sendfile64+0xf2/0x130 [ 144.219649][T13060] do_syscall_64+0x3d/0x90 [ 144.224075][T13060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.229983][T13060] [ 144.232314][T13060] read to 0xffff88813602d388 of 8 bytes by task 13060 on cpu 1: [ 144.239945][T13060] dio_complete+0x238/0x480 [ 144.244468][T13060] __blockdev_direct_IO+0x23e3/0x2500 [ 144.249855][T13060] fat_direct_IO+0x111/0x1e0 [ 144.254459][T13060] generic_file_direct_write+0x27d/0x4f0 [ 144.260107][T13060] __generic_file_write_iter+0x1a9/0x300 [ 144.265762][T13060] generic_file_write_iter+0x75/0x130 [ 144.271149][T13060] do_iter_readv_writev+0x2cb/0x360 [ 144.276364][T13060] do_iter_write+0x112/0x4c0 [ 144.280971][T13060] vfs_iter_write+0x4c/0x70 [ 144.285482][T13060] iter_file_splice_write+0x40a/0x750 [ 144.290877][T13060] direct_splice_actor+0x80/0xa0 [ 144.295833][T13060] splice_direct_to_actor+0x345/0x650 00:40:16 executing program 4: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x48, r0, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x81}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x40800}, 0x4000004) prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x4000000090}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x8}, 0x0) r1 = syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f00006d5000/0x2000)=nil, &(0x7f000031e000/0x1000)=nil, &(0x7f0000000280)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r6, 0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x9, &(0x7f00000005c0)={0x77359400}}, 0x10001) r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r7}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000600)=@IORING_OP_WRITEV={0x2, 0x1, 0x2000, @fd_index=0x2, 0xffffffffffffffff, &(0x7f0000000940)=[{&(0x7f0000000440)="5eeb3dfb80e151261940d1bbfa2ad496c6d346bb76b4cea446130f8e79f89de5941db9552e44510c445456c9d2a85935958eb21ba78e7c4a5f4959978c547058cfe5615b8dcdc4cb3d4db2555e0a65ce81e56f8ff6dc205f0d45668f8cbe05e0ce72895c141d37c2e14637aa8df20d95421897d5ed6fad4a4f1ac614475c95f1fe5a74184e77547e8a4e5fe6c31768059659b937dc66b5a478d0f652e7fb9b88b9b52db9fddd81162a54950b928951e6326824a296e2404d1b64864241adb0ff9aa1b73bf03cee2463872b28def067ced8cf417bc1d2959560e35b0605f50f5c6fd8735ef370a97a10eabc2efd", 0xed}, {&(0x7f0000000540)="3fa57f13e868f097f2e6fcef3975f0f31436e090360a2a43165adef3f2d4a440109e8a080ea96b78915fbfc45cec95a7f823fff11a0cfdc1482d8ed29f7f8a7171a5df4da54e363f1a55200720c62d305aedb69d6de84b1571936b75f4cf903dc70e574c76cea41b9aba7a99", 0x6c}, {&(0x7f00000005c0)}, {&(0x7f0000000680)="c2ceb1b3073388d0880d49923487154e72e4624998d562196dc67fc09df5352c195d96a2af1fec2ce7a074c20bd0002aab208290576be8f31506fdd2ecdc6fce5987150e499d05aed626225d46ccc0058410932a2172af929642fd03640264d6b8633b68bbc66d407c3ffc861e4847c9ae", 0x71}, {&(0x7f0000000700)="4233756db06bbeb5ea079b226cd38ef97c9f064d74fa5d9b564335cc90ca1fdfd416e9054d9453d712e54e45727c8b8fa62b9252aa0062641dc286bf812e125be5fe20fd753ef617c4b2d8c61df17c5e8ebc5be4cbb3855573871caf7816684418b4d578b93d51cdb0255dc624630c67a42893b70708978c6dac1e", 0x7b}, {&(0x7f0000000780)="0bd01ad034c5b97000b2bdee29050ad82dc8f4bd5c6c7675c3df3c9edd1e2c38827f584e46985f0105e677c9a5cfa4a029b355dc29b9e33f6fd9f63284e847c1ec12ed0f6945c374f4e51bdbb5618538ee465c94b99a49731162a06dc1df5e4f64356e57e36c3e62e5273d153f4961982dcbed03b9e63c23350b98a61afcaba5d2e9b20be03354c49b92771da3bbe2fdf3cafacc82d554748327ba816154594839449ef470fda05bf5f82410f962858ea7a1f5fe6b7f11df1ea4bd454e73e7085fccddc1", 0xc4}, {&(0x7f0000000880)="ecad1264b7633dfa716a008048864c26542f5de59c821942dec311f4ee9fb6ead1a894b1e260900d6c8711bf289f92a7b6210b3aefcaddda0cccfcfe970f90a7407d887f82e3fe9fa9cf3514312a13b9ab45a5f3cd8cb30d18829940861c1b30d261588634c1dc1047458041a07bd46bfe819058e96f851c4aef5ff26f314ac004069c09501f3a85b5a937285ea2d5bbb7438422e2", 0x95}], 0x7, 0x0, 0x0, {0x1}}, 0x0) preadv(r6, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_enter(r1, 0x2a6e, 0x0, 0x0, 0x0, 0x0) connect$unix(r4, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e24}, 0x6e) poll(0x0, 0x0, 0xc8) shutdown(r4, 0x1) [ 144.301228][T13060] do_splice_direct+0xf5/0x170 [ 144.306012][T13060] do_sendfile+0x773/0xda0 [ 144.310453][T13060] __x64_sys_sendfile64+0xf2/0x130 [ 144.315586][T13060] do_syscall_64+0x3d/0x90 [ 144.320029][T13060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.325941][T13060] [ 144.328258][T13060] value changed: 0x0000000000000089 -> 0x000000000000008a [ 144.335364][T13060] [ 144.337687][T13060] Reported by Kernel Concurrency Sanitizer on: 00:40:16 executing program 0 (fault-call:6 fault-nth:2): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 144.343830][T13060] CPU: 1 PID: 13060 Comm: syz-executor.1 Not tainted 5.14.0-rc4-syzkaller #0 [ 144.346818][T13068] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 144.352590][T13060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.352603][T13060] ================================================================== [ 144.384730][ T1040] loop0: p1 p2 p3 p4 [ 144.388847][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 144.394884][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 144.412832][T13068] loop2: detected capacity change from 0 to 81 [ 144.419260][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 144.427438][T13068] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 144.440385][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 144.474180][T13084] FAULT_INJECTION: forcing a failure. [ 144.474180][T13084] name failslab, interval 1, probability 0, space 0, times 0 [ 144.486917][T13084] CPU: 0 PID: 13084 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 144.495817][T13084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.505935][T13084] Call Trace: [ 144.509269][T13084] dump_stack_lvl+0xb7/0x103 [ 144.513872][T13084] dump_stack+0x11/0x1a [ 144.518034][T13084] should_fail+0x23c/0x250 [ 144.522512][T13084] __should_failslab+0x81/0x90 [ 144.527283][T13084] ? __se_sys_mount+0xf2/0x2e0 [ 144.532059][T13084] should_failslab+0x5/0x20 [ 144.536574][T13084] kmem_cache_alloc_trace+0x49/0x310 [ 144.541904][T13084] ? _copy_from_user+0x94/0xd0 [ 144.546678][T13084] __se_sys_mount+0xf2/0x2e0 [ 144.551287][T13084] ? fput+0x2d/0x130 [ 144.555194][T13084] __x64_sys_mount+0x63/0x70 [ 144.559803][T13084] do_syscall_64+0x3d/0x90 [ 144.564238][T13084] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.570194][T13084] RIP: 0033:0x4665e9 [ 144.574098][T13084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.593789][T13084] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 144.602306][T13084] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 144.610807][T13084] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 00:40:17 executing program 0 (fault-call:6 fault-nth:3): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 144.618785][T13084] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 144.626767][T13084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.634749][T13084] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 00:40:17 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:17 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 144.687528][ T1832] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:17 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 144.747239][T13091] FAULT_INJECTION: forcing a failure. [ 144.747239][T13091] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.758885][T13095] loop2: detected capacity change from 0 to 81 [ 144.760429][T13091] CPU: 1 PID: 13091 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 144.775284][T13091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.785384][T13091] Call Trace: [ 144.788666][T13091] dump_stack_lvl+0xb7/0x103 [ 144.793277][T13091] dump_stack+0x11/0x1a [ 144.797481][T13091] should_fail+0x23c/0x250 [ 144.801958][T13091] should_fail_usercopy+0x16/0x20 [ 144.807008][T13091] _copy_from_user+0x1c/0xd0 [ 144.811606][T13091] __se_sys_mount+0x115/0x2e0 [ 144.816301][T13091] ? fput+0x2d/0x130 [ 144.820248][T13091] ? ksys_write+0x157/0x180 [ 144.824892][T13091] __x64_sys_mount+0x63/0x70 [ 144.829507][T13091] do_syscall_64+0x3d/0x90 [ 144.833936][T13091] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.839882][T13091] RIP: 0033:0x4665e9 [ 144.843784][T13091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.863401][T13091] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 144.871822][T13091] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 144.879799][T13091] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 144.887774][T13091] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 144.895820][T13091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.903794][T13091] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 [ 144.915583][T13095] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 144.953122][T13101] loop4: detected capacity change from 0 to 264192 [ 144.962140][T13102] loop1: detected capacity change from 0 to 264192 [ 144.990224][T13095] loop2: detected capacity change from 0 to 81 [ 145.003079][T13095] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 145.014291][T13101] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 145.027696][T13102] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:17 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 145.232087][T13117] loop2: detected capacity change from 0 to 81 [ 145.251170][T13117] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:17 executing program 0 (fault-call:6 fault-nth:4): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 145.297480][ T1040] loop0: p1 p2 p3 p4 [ 145.302396][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 145.308556][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 145.317340][T13117] loop2: detected capacity change from 0 to 81 [ 145.327995][T13117] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 145.355285][T13126] FAULT_INJECTION: forcing a failure. [ 145.355285][T13126] name failslab, interval 1, probability 0, space 0, times 0 [ 145.367935][T13126] CPU: 1 PID: 13126 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 145.376694][T13126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.386747][T13126] Call Trace: [ 145.390070][T13126] dump_stack_lvl+0xb7/0x103 [ 145.394674][T13126] dump_stack+0x11/0x1a [ 145.398861][T13126] should_fail+0x23c/0x250 [ 145.403341][T13126] ? getname_flags+0x84/0x3d0 [ 145.408145][T13126] __should_failslab+0x81/0x90 [ 145.412962][T13126] should_failslab+0x5/0x20 [ 145.417482][T13126] kmem_cache_alloc+0x46/0x2e0 [ 145.422260][T13126] getname_flags+0x84/0x3d0 [ 145.426794][T13126] user_path_at_empty+0x28/0x50 [ 145.431690][T13126] __se_sys_mount+0x209/0x2e0 [ 145.436377][T13126] ? fput+0x2d/0x130 [ 145.440396][T13126] ? ksys_write+0x157/0x180 [ 145.444908][T13126] __x64_sys_mount+0x63/0x70 [ 145.449538][T13126] do_syscall_64+0x3d/0x90 [ 145.454052][T13126] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.459969][T13126] RIP: 0033:0x4665e9 [ 145.463864][T13126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 145.483535][T13126] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 145.491954][T13126] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 145.500026][T13126] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 145.508060][T13126] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 145.516038][T13126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.524009][T13126] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 [ 145.542742][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3a8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 145.558107][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 145.662689][T13137] loop2: detected capacity change from 0 to 81 [ 145.681964][T13137] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3ab, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:18 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 145.779528][T13143] loop2: detected capacity change from 0 to 81 [ 145.805838][T13143] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:18 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 145.907237][T13143] loop2: detected capacity change from 0 to 81 [ 145.931461][T13143] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 145.939431][T13152] loop1: detected capacity change from 0 to 264192 00:40:18 executing program 0 (fault-call:6 fault-nth:5): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 145.966377][T13152] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 146.001449][T13160] loop4: detected capacity change from 0 to 264192 [ 146.008394][ T1040] loop0: p1 p2 p3 p4 00:40:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa3ad, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 146.018222][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 146.024247][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 146.029177][T13166] FAULT_INJECTION: forcing a failure. [ 146.029177][T13166] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 146.044136][T13160] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 146.044422][T13166] CPU: 1 PID: 13166 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 146.062241][T13166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.072294][T13166] Call Trace: [ 146.075574][T13166] dump_stack_lvl+0xb7/0x103 [ 146.080173][T13166] dump_stack+0x11/0x1a [ 146.084330][T13166] should_fail+0x23c/0x250 [ 146.088762][T13166] should_fail_usercopy+0x16/0x20 [ 146.093851][T13166] strncpy_from_user+0x21/0x250 [ 146.098709][T13166] getname_flags+0xb8/0x3d0 [ 146.103281][T13166] user_path_at_empty+0x28/0x50 [ 146.108155][T13166] __se_sys_mount+0x209/0x2e0 [ 146.112840][T13166] ? fput+0x2d/0x130 [ 146.116768][T13166] ? ksys_write+0x157/0x180 [ 146.121275][T13166] __x64_sys_mount+0x63/0x70 [ 146.125897][T13166] do_syscall_64+0x3d/0x90 [ 146.130412][T13166] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 146.136317][T13166] RIP: 0033:0x4665e9 [ 146.140209][T13166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 146.159822][T13166] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 146.168285][T13166] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 146.176254][T13166] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 146.184277][T13166] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 146.192272][T13166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.200243][T13166] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 [ 146.211877][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 146.221905][T13175] loop2: detected capacity change from 0 to 81 [ 146.241688][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 146.264231][T13175] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:18 executing program 0 (fault-call:6 fault-nth:6): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 146.365731][T13175] loop2: detected capacity change from 0 to 81 [ 146.377478][T13175] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 146.397517][T13184] FAULT_INJECTION: forcing a failure. [ 146.397517][T13184] name failslab, interval 1, probability 0, space 0, times 0 [ 146.410267][T13184] CPU: 1 PID: 13184 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 146.419035][T13184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.429099][T13184] Call Trace: [ 146.432386][T13184] dump_stack_lvl+0xb7/0x103 [ 146.437002][T13184] dump_stack+0x11/0x1a [ 146.441171][T13184] should_fail+0x23c/0x250 [ 146.445610][T13184] __should_failslab+0x81/0x90 [ 146.450387][T13184] ? alloc_fs_context+0x46/0x500 [ 146.455418][T13184] should_failslab+0x5/0x20 [ 146.459937][T13184] kmem_cache_alloc_trace+0x49/0x310 [ 146.465250][T13184] alloc_fs_context+0x46/0x500 [ 146.470032][T13184] ? strncmp+0x34/0x70 [ 146.474224][T13184] fs_context_for_mount+0x1d/0x20 [ 146.479267][T13184] path_mount+0xdf5/0x1ce0 [ 146.483700][T13184] __se_sys_mount+0x23d/0x2e0 [ 146.488475][T13184] ? fput+0x2d/0x130 [ 146.492455][T13184] __x64_sys_mount+0x63/0x70 [ 146.497066][T13184] do_syscall_64+0x3d/0x90 [ 146.501501][T13184] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 146.507464][T13184] RIP: 0033:0x4665e9 [ 146.511362][T13184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 146.530974][T13184] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 146.539431][T13184] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 146.547413][T13184] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 146.555397][T13184] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 146.563434][T13184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.571417][T13184] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 [ 146.584672][ T27] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 146.593957][ T4424] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:19 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:19 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa400, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:19 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 146.690426][T13191] loop4: detected capacity change from 0 to 264192 [ 146.723083][T13191] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 146.785579][T13200] loop2: detected capacity change from 0 to 82 [ 146.786970][T13201] loop1: detected capacity change from 0 to 264192 [ 146.826655][T13200] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 146.853933][T13201] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 146.886813][T13200] loop2: detected capacity change from 0 to 82 [ 146.896327][T13200] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:19 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa4a4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:19 executing program 0 (fault-call:6 fault-nth:7): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 147.062344][ T1040] loop0: p1 p2 p3 p4 [ 147.066485][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 147.072514][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 147.074893][T13222] loop2: detected capacity change from 0 to 82 [ 147.100811][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 147.129417][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 147.136852][T13222] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 147.141174][T13227] FAULT_INJECTION: forcing a failure. [ 147.141174][T13227] name failslab, interval 1, probability 0, space 0, times 0 [ 147.158763][T13227] CPU: 0 PID: 13227 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 147.167532][T13227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 147.177586][T13227] Call Trace: [ 147.180865][T13227] dump_stack_lvl+0xb7/0x103 [ 147.185461][T13227] dump_stack+0x11/0x1a [ 147.189621][T13227] should_fail+0x23c/0x250 [ 147.194050][T13227] __should_failslab+0x81/0x90 [ 147.198824][T13227] ? legacy_init_fs_context+0x2d/0x70 [ 147.204212][T13227] should_failslab+0x5/0x20 [ 147.208722][T13227] kmem_cache_alloc_trace+0x49/0x310 [ 147.214053][T13227] ? kmem_cache_alloc_trace+0x20f/0x310 [ 147.219612][T13227] ? alloc_fs_context+0x46/0x500 [ 147.224606][T13227] legacy_init_fs_context+0x2d/0x70 [ 147.229911][T13227] alloc_fs_context+0x419/0x500 [ 147.234774][T13227] fs_context_for_mount+0x1d/0x20 [ 147.239816][T13227] path_mount+0xdf5/0x1ce0 [ 147.244266][T13227] __se_sys_mount+0x23d/0x2e0 [ 147.248971][T13227] ? fput+0x2d/0x130 [ 147.252877][T13227] __x64_sys_mount+0x63/0x70 [ 147.257479][T13227] do_syscall_64+0x3d/0x90 [ 147.261946][T13227] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 147.267881][T13227] RIP: 0033:0x4665e9 [ 147.271831][T13227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.291445][T13227] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 147.299907][T13227] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 147.307919][T13227] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 147.315895][T13227] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 147.323868][T13227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.331932][T13227] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 [ 147.350790][ T1832] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 147.375889][ T1040] loop0: p1 p2 p3 p4 00:40:19 executing program 0 (fault-call:6 fault-nth:8): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 147.379927][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 147.385960][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 147.400180][T13222] loop2: detected capacity change from 0 to 82 [ 147.416936][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 147.428960][T13242] FAULT_INJECTION: forcing a failure. [ 147.428960][T13242] name failslab, interval 1, probability 0, space 0, times 0 [ 147.441792][T13242] CPU: 0 PID: 13242 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 147.450549][T13242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 147.460408][T13222] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 147.460637][T13242] Call Trace: [ 147.460645][T13242] dump_stack_lvl+0xb7/0x103 [ 147.460664][T13242] dump_stack+0x11/0x1a [ 147.482059][T13242] should_fail+0x23c/0x250 [ 147.486506][T13242] __should_failslab+0x81/0x90 [ 147.491276][T13242] ? v9fs_mount+0x41/0x4c0 [ 147.495731][T13242] should_failslab+0x5/0x20 [ 147.500249][T13242] kmem_cache_alloc_trace+0x49/0x310 [ 147.505546][T13242] ? tsan.module_ctor+0x10/0x10 [ 147.510503][T13242] v9fs_mount+0x41/0x4c0 [ 147.514760][T13242] ? selinux_capable+0x34/0x40 [ 147.519705][T13242] ? tsan.module_ctor+0x10/0x10 [ 147.524569][T13242] legacy_get_tree+0x70/0xc0 [ 147.529171][T13242] vfs_get_tree+0x4a/0x1a0 [ 147.533778][T13242] path_mount+0x11d4/0x1ce0 [ 147.538292][T13242] __se_sys_mount+0x23d/0x2e0 [ 147.542981][T13242] ? fput+0x2d/0x130 [ 147.546978][T13242] __x64_sys_mount+0x63/0x70 [ 147.550288][ T1040] loop0: p4 size 32768 extends beyond EOD, [ 147.551598][T13242] do_syscall_64+0x3d/0x90 [ 147.551610][ T1040] truncated [ 147.565114][T13242] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 147.571018][T13242] RIP: 0033:0x4665e9 [ 147.574956][T13242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.594572][T13242] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 147.602986][T13242] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 147.611004][T13242] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 147.618987][T13242] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 00:40:20 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 147.627110][T13242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.635088][T13242] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 00:40:20 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa79c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 147.720583][T13254] loop1: detected capacity change from 0 to 264192 [ 147.741340][T13254] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 147.769779][T13258] loop2: detected capacity change from 0 to 83 [ 147.797845][T13258] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:20 executing program 0 (fault-call:6 fault-nth:9): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 147.842286][ T1040] loop0: p1 p2 p3 p4 [ 147.846420][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 147.852452][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 147.860799][T13258] loop2: detected capacity change from 0 to 83 [ 147.870734][T13258] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 147.880512][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 147.899863][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 147.919668][T13272] FAULT_INJECTION: forcing a failure. [ 147.919668][T13272] name failslab, interval 1, probability 0, space 0, times 0 [ 147.932312][T13272] CPU: 1 PID: 13272 Comm: syz-executor.0 Not tainted 5.14.0-rc4-syzkaller #0 [ 147.941109][T13272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 147.951163][T13272] Call Trace: [ 147.954436][T13272] dump_stack_lvl+0xb7/0x103 [ 147.959032][T13272] dump_stack+0x11/0x1a [ 147.963193][T13272] should_fail+0x23c/0x250 [ 147.967629][T13272] ? v9fs_session_init+0x48/0xcf0 [ 147.972696][T13272] __should_failslab+0x81/0x90 [ 147.977464][T13272] should_failslab+0x5/0x20 [ 147.981970][T13272] __kmalloc_track_caller+0x64/0x340 [ 147.987380][T13272] ? save_fpregs_to_fpstate+0xd8/0x110 [ 147.992857][T13272] kstrdup+0x31/0x70 [ 147.996758][T13272] v9fs_session_init+0x48/0xcf0 [ 148.001686][T13272] ? __schedule+0x42a/0x670 [ 148.006462][T13272] ? should_fail+0xd6/0x250 [ 148.011029][T13272] ? kmem_cache_alloc_trace+0x20f/0x310 [ 148.016657][T13272] ? v9fs_mount+0x41/0x4c0 [ 148.021083][T13272] v9fs_mount+0x57/0x4c0 [ 148.025342][T13272] ? selinux_capable+0x34/0x40 [ 148.030118][T13272] ? tsan.module_ctor+0x10/0x10 [ 148.034973][T13272] legacy_get_tree+0x70/0xc0 [ 148.039571][T13272] vfs_get_tree+0x4a/0x1a0 [ 148.043996][T13272] path_mount+0x11d4/0x1ce0 [ 148.048511][T13272] __se_sys_mount+0x23d/0x2e0 [ 148.053216][T13272] ? fput+0x2d/0x130 [ 148.057121][T13272] __x64_sys_mount+0x63/0x70 [ 148.061784][T13272] do_syscall_64+0x3d/0x90 [ 148.066244][T13272] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 148.072150][T13272] RIP: 0033:0x4665e9 [ 148.076046][T13272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 148.095750][T13272] RSP: 002b:00007f2a40c44188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 148.104242][T13272] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 148.112272][T13272] RDX: 0000000020000040 RSI: 0000000020000100 RDI: 0000000000000000 [ 148.120250][T13272] RBP: 00007f2a40c441d0 R08: 0000000020000140 R09: 0000000000000000 [ 148.128225][T13272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 148.136211][T13272] R13: 00007ffcab9dcb8f R14: 00007f2a40c44300 R15: 0000000000022000 00:40:20 executing program 3: syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000080)=[{&(0x7f00000002c0)="eb3c8f000000732e66617400020101000240008080f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000000)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x202, &(0x7f00000003c0)=0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x100000169042, 0x0) ftruncate(r2, 0x10099b8) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000001700)={0x3, [], 0x8, "eed8cc6953666c"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYBLOB="07000000000000003f00000000000000800000000000000009000000000000000900000000000000ffffffff0000000004000000050000009800000001000000ff0000000000000025ffffffffffffff01800000000000000400000000000000480000428a8d529e67538337d500000000000000000000000000000000000000000000000000000000000000000000d312a45feda4baec00000000000000000000000000000000000000000000000000000000000000000000000000000000000000daf206366c8e65c63ea6d630e2d52e430662de8ce281f6afad6c7556537a496a64ea1f2d06e0d28a9f31bbef2bcb8db99ffd4403ef367a9b47dc4ff8cf2fe1dac1fb2fd1cd11a109dd0b"]) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x0, "8bebeb894f74c3"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000057540)={0x826f, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0xcf, "70da4d1e77691f"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001640)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000054480)={0x29aa, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}], 0x4, "91e3a11f42bc17"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000058540)={0x0, 0x0, "8b7ba6dcbb9d7b96692f029fe9053528ee1939240aaabd7ebc156a4462aa85c3777254d5894ec79793386c68c8b961439cacaeb032b7741f0de56ec59981532c80b63a2ec9d84b1c26ab26e4e80c01e0f3d6f27b70c8365dfd341c2e9793aa0d7f43c2c9477a4a078788b9bd934b6cde99c963639fae00ef41cdf07d00980146478e5e8dd431d0ce34756712437ff4ccc32071f07ca19d57fb0a982da1ff8487cf82005a58a1b29d5e3d73606e3cf9a5732e36ef9945f90426dae3c942f92e14b34b77be951bc05f8345e6a81ec6267a8946b59a0f1fd5dfe4a202057f8b8c1239f481d319421a271a4806a71e01aca7c0a5f85723da884b2a9971742121cf4d", "c8c7c28d495a2e1d8f31fddba21f6e7401f26d61c2106900637fd719c61fcc3b795d37109267aa7be37856b585703a28b62c96129b16eb0a23da1545ed2e2d27860fa75e6bad1c69845891dfb10ecf7a56a180827ead3ffffc5867b94cc32737d50fab8f218456fb8e7781538735cdd86316cf1ddff3f1b7f1a0ddbfabbd6d9ea305ade19422052971e9c946b64be31d6285764cb24e6977a97de4ab3b5616e07360fef2cf2a6e8f4debe18a31d7ac6a272030e9efe0a7d5a740a2d7f1f81f6c44370efbb2ab5bd74e881ed4c36e58f0482fcd6b987ff913457982e194b2acaef8fd7ebe3b265bdc43a2f47ba325419654aab77367f388348b7b1af2a76bc9d8b3fc2cc90c0e99fe691a33cb405140d7f71abf0befab3f626c86f45059892a76d1c96f454905648f1e304a4ef06b5f6b22a0c77970d34ffbd130965b7b7391fcbd2677a100a6efb6929f9ef24eeea5cda926a76e929e20f40710f2036a2db5ac35f41d17ecadafdfe8018e8fa865fc4b417fcd2a4b37ef9a5d38fd44cbf98aa261b1de67b018605a80ab01205b586b1ed15b79cdef7a91cac2f23df5c76d8512e73ad093735d744d5fb57fc59f124991503c965cf004469c26e095ef09749975b2a16a387078996568f2ad8170bb5b830cf237fe3c7f9bd9d7e68a641b51cce5c57a009b9f0de60c57c46d4ea5b5249d2b9a9ad5b945bf897d42267c4a26269ceef55d55d2a467e9a2c874c065d6a1b872f9f631efe6f163416349487e8bc8fe6d13da1f8f3492e78132ac6fdaa03fc486f09f4f29ec07690eaabd5d87e5ed338464baee93b9d9f619d3dc3d1b206be91f97afc3cb991863d8b46feca380716e946bb4f1c8c0bbb02504eb9423d9a1b69ea355df2856ae125ec01b54af74a176a978905f91f6b2d213b4ed83b5052241cef8c4797d9c22833496f1ef4f897ff22d79b9e57b0be4152353d2ee0496e7dcb368bd4f40b35c71a6c66fcb88c6491fa0fccbb8e04600d514a8341d25d64cfd8c81be4a2c62308b0545b1583fde59ff88bad4cc2142a80cc3a02d41b0ff6f2f6a3bc6b3ea098490893b6fa9a5bb9597fe2a8d6a0028d50c745fcd5853f6914dbc1fdf4c367a790e2a459f66b88443e5ef81f4a8dc4bbe40ec60370cb7d77c102e3a7e739e8848d76103144121874e38c104afdb7585c94a0b03256083c97b42dd3cd722e21ced657234c584a9e4f91fe64c60bbd16598817e0c7faf3de45869895477a39d082327361a55441e4d4f737f0ee89fe48ce5cd43a90e0bc00edfc31771f20032e1f18303a91068f64701df684699c4206c52b522d3893fddf5562818d5e74c839cffeb2515573d1cb9431cd0d17fa9fcf09245733556173184128b9f6d2617f0cfe05e0d11ecff16af79aeaf6ae96f638cbdb03707660db0abfc2b5a0287c346b20d6aff0096f4ae3511566a3bcf3a105e57e44609000ebcef4ce6d495867d6f47c5fced0a4ed7cded6c43ef27584fc5cfe0e200d7c7102114084fd8278031277725962776c5525d84bc418b2fd61e8185949f9bcf52b9f6452479d25cda6921340e468d327f6f87aa656a373a92aac64906902de7f42a5a4a9d6b19dc7d50a2c3c9dae5c754fe3b05e2c57c637406d82ff0a55ae3892fe45d11d6641f5d118becf6f477000796f0ad416427d25f86b90bd70a56e0e72b88623121761709655e38d02b6991bf2dc04f64eb94cdc7b00d3f4c25f011a97a16be6fe1bf26b1a8ffab03f1068e89068bd2fbbb032fccb80da2a2f413fa94a20538f148a773e4660b860ff14728f7b696309d29a414e803cf2bc830bed1ef9a8b9512c5be288a10ed6dd0fdabb5d488d5050eece2a04d66c36f1cd9a4222773ad19eaf8c5ae7284b2f55be528b22f06ee7b13900aadf3a173cf84e83754b87551ccb3277c51e2c02705151dda0b78f7748cdd22a35fc7da91f64182a65b8bd36518f722891687c824405830d5cd4dadaf9e308ded0e85599b6003b53b1cd30cd6b7161100fbd7128e200651a96e24abb63395d3db14fad397543701f79c618a5f6cf01fa1fff442a3a7714a3f1b6490108282176ed7d3dbcaf7ba4e37e941fc1118b8ed400b7064b83167833f4656c8c86631eff0a7c59534e579479b14994a156b95122df630ff9aff26a59d23638be90718598e413804d35e3b32c5d067d4abed58b6ff8c616c9fce16ee46150f0b53ceb2e2963ed1870180b3433202cd050de790ae5a09b73e36a4cd29eb90223e2327c89962ae1dd5106fa692ed8ec0e0b1eaa76e9291703a54813a84e8cd4967ab62231e634c8cf31f7fea5c27db1a34e6c072b1b729dc362156f22f8cf53258c0d15ce74ae1664d98042359079cdd6fc1b7ee09b46d3facd1c0f72a2c006f319092f8a140d619589722bfa120fb281bf1dbac6730b57d1b07a59bc534760ce934c5d6275a34a9bb8ca9379e313346bfdbaeee9bf4ec28759e93d29f158ce87d02f4dd3551b4114893a8d6c266c8753b25d93c950e4db950822ad9f048a2ab8af757d0bce48d7cea0b720a7c86854fecee1b298f7198a6963ca389a4c485fd27230fd9ed83c63c6eabecf407fff09025c9c2b0710847e6d1330471b9d1bc0858d808a394dd27c2c5e0d998e12480332876146f6f0c4715295c2061edbbe44456114f144b827b9440651db2f956d767d4fcbd28e246ed5c7960ef7c9612fc64ef3af5ad55520590a0a63d309651b468e072abca2195bc661942f3ea4b0b37a3cbebd547f8b6a80fb37c56a82e7fe475c0fe43ba75f32297415ead409aac99f39ca7cefd4fc7f78f0f1249274120bf4972022ce8603ee1fccefce4d90d6b7fe1f55d0b3cdba97946c3d6a1480dbbe998be351805de3028c69f689afa7f318a732c6ebbad17a9092050a4b92cd08da92d0bf7e87672bcd9cf1f917cbc4998ea155f6e703397664473708ef6f1c08d06810f40dcfd19f8f42af5a0136f334d56b8588bfab1a019cddd1bb6ac4c0cce6b061ec46d1ad08a0e265cc5067f3604870b1d2f8f6efdb0444be887975327be22b9f0446a0613d7e3e7340f7c0bf80f65e3bba3af9fbe2018755df91433af99df0271d7cba3075e0943c74473671b2773f28c073a442dd0b3927789e886d8dacb1855b69243da8a27e26334b7da91fbc84b202321621dc27f15b7c048096775c7ceda5d1a80b579a42eb1660478b43653180a445e143241a52e95d21f3de0aa49eea2ac4b14f148e8261784cdcc750d2a1b28512eba46b54a805ec2283c1a7b59a665071a23ddcd272528f63f7e6147999361d1cd10d0a665945cc8c91aed7ddeaaf00e5c0c27838eb911036095074c758384031e114ecd0a3cbe9e76d6d5fbc391de32c890c0edd31e5f46909d94ae79f5fe75952aff5d06f831cecf8305bb5374fa38591edf9557db878b113c18acbc4adc001d578ada1452932003830be99f8aac7d5320a80607e9a8626bcd046ca138da7a7a5f812f21cf24a0dd548b9b5b9b69a176aa5174e5ddee97ebd641bc1f2229a4cbdec5551e674881e7b13069639c48de4b04a80b1ef976a73ddf1c63d9b608cf0a6fd2bb0944d4ef979bc9699f338ab50e80aaefa8bf7189bd6a49174d15d977f344ca99589ca36e2dfb4b5a83eb1a6c0ba4ad684c8bde0b02c3e9b36ef64d33056aead55d3737711d819e21910b958eb92e4eb2a3339041a1d7866c5ed307fc4a38b5a1c9528fb34c6e51f1e534b99c09fc427694aaa55898f607606fefff99dfdf39ca0e24c21873602a3edb85ece6ec07e6d82d268aad8a181bf0d0b3e26a6bf0852408c76a7e7dd2ca1e2ecb8ab9fd36507e050af2a68f36d161a2f816a72ff43a76e322a055af779b6f73c0fc47944bea8f557d942a1f135913a778cbf80f745b96bfce6586eb139464750f6693abdfb6a93c5376c48ce0c0954c1e3ff87e0a24c0807cf38adaed78fb654b8dd47312cedcffd0884856b2c33d5b2b3ac5fa3b505d811f495a109545152fa2cb6cbbcecef17cbcd15b48bef614a6a30f3bce28662d7e044b26156939b082485368b4bbe38e030e9d3cead2b7f1399b50f4a3ec6ff4e13906af7e8281cf5b007f53103c819ec8e1d65d7fc17b7c0c0d85e7574fb18cf6f36cce95b3716006d4f71abdbdad61ef361a0297d4a8c4d13d56baf6bcae4c6d89ee54c87895f99ac1c13f76937414dd19cbcb14851f40a2b2cfa8cb4b045abbc3a8697d653294f3802ade37f0e20e94436830f2432615657235927294a9f088874c63ae24ceac87a1b02416ef09b272475a76c203bf51ae521083ea35b9cafbd073794897c96020f99b931826102baa29df5e58df591a333fc50833f441f0ac2370659de14e1ed9c5ccb16f4baf363b70b73430515264385847964a8023ed59c43db80c782859b1ee825a3f76348526f5ab890631cd13668b185ed88777edd3d7fd35d7b43b5725c3515e744ddb18b453c2c41ac899cee435787397dbd5d93a6c4f0358cb1bfe67267a908b04b8fe17d4ff6f917e67df575408fc84a8930a9827a8388336f539d067cc10e8456f5180fdca902b4fe5f3cda2bd0c772c353e666dcc1839667604745b4fd8a50dc19905611c415f84c5a284f31a0abe71bbf032565cdb911c81029b51582199586dd7171334d67cc9149f5f6a0c1c159b13117adcc5d7488c22ed1c390b0dba3ab4bed4ee7702b01af96b5837a0cb87539cf44e4a7e8ed6f34ecdda30875a541d83976d404e9079f6f4f696a4bddc25cae26f04a0f7a248c5b6c8749eecf27500296040cf89ca98cd0e7577f1e700656437b402198086767e2d325ef45f8b71a76476bd5c2053e79bf1978360884c9ac5ab5d37fdadd25a5fdec970b0a1334165cd52950cc798c24edfc2a2766248b9f131370363fb14d8cb2ee928aabdbdb8683796193664920b3b282fd5205b6ffc583a518a87ad4912ac1f40f44df6ce48f9cafd203dca4cdab4e28212f943a628579ab78c7230b1f4d0e5cc777b0dd7c76bd2aa274d59f3b03ae05340f10c4fde47a4da610567fd4f11c3ae6121a983af8ab0f12b45a7da5c68cdc5a0ebe2d759bf9570827d57f468e3aeecec8215d8bc69613138b77b70d2fd09b33f10c2f9eefd0e0c1ebaa4fcb447a37b9847c9d4cb2e7d54b65e16baa60716641b8422d6282fcb2530b349d161622d2f6e1384ff277690e1dee178d865d099607223fd927fb397109a2ec2bd3536b9cb5c4f11f89749fce6ceee32de24adc41622b847ecb465532616d3c5d411eba890b024d1a2bfed77582caeec0146a5de9574400995452f550a6e166b3c4747924df2277ed0bdd870efa54d4bc812ab7b04766dc08daa1ed2056970412318f6b349a98c8aceabe055b28c8be1c1305cb03c218077927f5a766bd2cf85dc29a573b0bb0d02f5954e99"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000059540)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {0x0, r6}, {r7}], 0xfe, "f85ee040d36c41"}) io_submit(r1, 0x3, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) 00:40:20 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, 0x0, 0x0, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:20 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:20 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa79d, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 148.159471][ T1832] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:20 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x2, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 148.226929][T13285] loop2: detected capacity change from 0 to 83 [ 148.236220][ T1040] loop0: p1 p2 p3 p4 [ 148.250231][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 148.256272][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 148.265134][T13285] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 148.279053][T13297] loop1: detected capacity change from 0 to 264192 [ 148.286284][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 148.297618][T13297] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 148.306984][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:20 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:20 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x2) r1 = fork() sendmsg$netlink(r0, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}], 0x20}, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0x0, 0x0, 0x7}, 0x10) r3 = dup2(r2, r2) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) r5 = gettid() ptrace$cont(0x18, r5, 0x7, 0x2) sendmsg$TIPC_CMD_SET_LINK_PRI(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="040028bd7000ffdbdf25010000000000000008410000004c00180000000862726f6164636173742d6c696e6b00"/98], 0x68}}, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x200, 0x70bd25, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000015) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000efdd79b7c3654313ac0cec53e79dcbaf010040", 0x1f, 0x4e0}, {&(0x7f0000010300)="03", 0x1, 0x644}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000def4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1800}], 0x0, &(0x7f0000013800)) r6 = epoll_create1(0x0) fcntl$getownex(r6, 0x10, &(0x7f00000000c0)) r7 = signalfd(r0, &(0x7f0000000040)={[0x10001]}, 0x8) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x120000, &(0x7f0000000140)=ANY=[@ANYRES32=r7]) [ 148.331191][T13285] loop2: detected capacity change from 0 to 83 [ 148.342357][T13285] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:20 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x7, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:21 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xa, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:21 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa79e, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 148.421330][T13314] loop4: detected capacity change from 0 to 1024 [ 148.480278][T13333] loop2: detected capacity change from 0 to 83 [ 148.490773][T13314] EXT4-fs error (device loop4): ext4_quota_enable:6438: comm syz-executor.4: Bad quota inode # 3 [ 148.499964][T13333] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 148.501440][T13314] EXT4-fs warning (device loop4): ext4_enable_quotas:6478: Failed to enable quota tracking (type=1, err=-116). Please run e2fsck to fix. [ 148.525736][T13314] EXT4-fs (loop4): mount failed 00:40:21 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x10, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 148.542656][ T1040] loop0: p1 p2 p3 p4 [ 148.551563][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 148.557578][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 148.577402][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 148.586518][T13333] loop2: detected capacity change from 0 to 83 [ 148.597635][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 148.602068][T13333] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 148.627713][T13337] loop4: detected capacity change from 0 to 1024 00:40:21 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x22, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 148.643253][T13337] EXT4-fs: failed to create workqueue [ 148.648759][T13337] EXT4-fs (loop4): mount failed [ 148.671770][ T1040] loop0: p1 p2 p3 p4 [ 148.687724][ T1040] loop0: p1 start 1 is beyond EOD, truncated 00:40:21 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, 0x0, 0x0, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 148.693848][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 148.717902][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 148.736965][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:21 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x147, &(0x7f0000000300)="8d31e1d55b6939000000e28c0b1dd2a357b264c8745b78376e18cd3d3dfcb946cf885a21539a0c4a081ceeb24a1d9273bc98f78631776333afd16d66c13830c1beaa1b950e000000000000ab69347b9a915308c482353c485f8bb2965cd7e1292aaa6375f12e59f92cba4a37c9686d403d3a82d09ecbe57d3c3ec2117496b2dd4837334f2de9a39640516defd1e86cdf7a3585dea46ced4a31aaeddba0fa19737336aa9a0edba44df0b8138ed7f91262b41da05a13cd0bdb0d9ababc3074e95d7298a63d1be6978b3cb28d1eafc9615c7a9fb113bd94e0825e7850f5d86a23757ac244d58d632599ea5929fe74774d989ea9d90e9ee65d489860e678532bfa9deb3078094f165f2800b2e237639a4c2ef5fb36f7763e95066727bc95a9beeb326008c56b13fd52f09b7b160f994b94db76b612886c59c05415f209f4e28505e32865e8c4b67e0b"}}], 0x1c) wait4(r0, 0x0, 0x1, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190010000400000007fd17e5ffff080004000000282459801b", 0x39}], 0x1) tkill(r0, 0x1) sendmsg$IPCTNL_MSG_CT_GET_STATS(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x5, 0x1, 0x101, 0x0, 0x0, {0xb, 0x0, 0x2}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4040804}, 0xc0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) wait4(0x0, 0x0, 0x0, 0x0) r2 = gettid() wait4(0x0, 0x0, 0x0, 0x0) tkill(r2, 0x34) r3 = socket$netlink(0x10, 0x3, 0x2) r4 = fork() sendmsg$netlink(r3, &(0x7f0000000600)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}], 0x20}, 0x0) sendmsg$NL80211_CMD_LEAVE_OCB(r3, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0002b827bfd15a36189f04aeff00124bb72abd7000"/33, @ANYRES32=0x0, @ANYBLOB="0c009900ff0000007c000000"], 0x28}, 0x1, 0x0, 0x0, 0x810}, 0x4020001) 00:40:21 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa79f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 148.746392][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:21 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x700, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 148.846037][T13385] loop2: detected capacity change from 0 to 83 [ 148.861834][ T1040] loop0: p1 p2 p3 p4 [ 148.861940][T13390] netlink: 'syz-executor.4': attribute type 16 has an invalid length. [ 148.871340][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 148.880089][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:21 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xdc03}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x10, 0x53, 0x45, 0x4, 0x0, 0x3f, 0x80, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x6, @perf_bp={&(0x7f0000000040)}, 0x2001, 0x2, 0xd57f, 0x4, 0x20, 0x3, 0x40, 0x0, 0x9}, 0x0, 0xc, r0, 0xa) set_mempolicy(0x0, 0x0, 0x0) [ 148.888652][T13385] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 148.889042][T13395] loop1: detected capacity change from 0 to 264192 [ 148.915115][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 148.926378][T13395] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 148.931337][T13385] loop2: detected capacity change from 0 to 83 [ 148.939218][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 148.950301][T13385] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 149.021462][ T1040] loop0: p1 p2 p3 p4 [ 149.034851][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 149.040917][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 149.070629][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 149.098264][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 149.266017][ T1040] loop0: p1 p2 p3 p4 [ 149.277750][ T1832] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 149.291883][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 149.297897][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 149.321357][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 149.337644][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:21 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:21 executing program 4: set_mempolicy(0x2, &(0x7f0000000040)=0x7, 0x803) msgget$private(0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x500}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 00:40:21 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xa00, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:21 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa7a0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:21 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, 0x0, 0x0, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:22 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x1020, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 149.457151][T13442] loop1: detected capacity change from 0 to 264192 [ 149.469640][T13439] loop2: detected capacity change from 0 to 83 00:40:22 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, 0x0, 0x0, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:22 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x2010, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 149.514012][T13442] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 149.524208][T13439] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:22 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa7a1, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 149.617351][T13467] loop4: detected capacity change from 0 to 264192 [ 149.724388][T13473] loop2: detected capacity change from 0 to 83 [ 149.746207][T13467] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 149.761069][ T1040] loop0: p1 p2 p3 p4 [ 149.765203][ T1040] loop0: p1 start 1 is beyond EOD, truncated 00:40:22 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x2200, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 149.771269][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 149.818604][T13473] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 149.832102][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:22 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xedc0, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 149.877214][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 149.924821][T13473] loop2: detected capacity change from 0 to 83 [ 149.954624][T13473] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:22 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0x0, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 149.987181][ T1040] loop0: p1 p2 p3 p4 [ 149.995817][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 150.001890][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 150.009103][ T27] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 150.024621][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 150.049220][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 150.130106][T13510] loop1: detected capacity change from 0 to 264192 [ 150.148361][T13510] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:23 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:23 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x20000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:23 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa7a2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 150.528772][T13522] loop2: detected capacity change from 0 to 83 00:40:23 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x1000000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 150.585845][T13522] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 150.596453][ T1040] loop0: p1 p2 p3 p4 [ 150.601587][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 150.607701][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:23 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0x0, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:23 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x2000000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 150.669616][ T8] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 150.681486][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 150.682037][T13522] loop2: detected capacity change from 0 to 83 00:40:23 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, 0x0, 0x0, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:23 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x7000000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 150.711908][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 150.724308][T13522] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:23 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xa000000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:23 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa7a3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 150.805567][T13559] loop4: detected capacity change from 0 to 264192 [ 150.824043][T13559] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 150.837824][T13566] loop1: detected capacity change from 0 to 264192 [ 150.857488][ T1040] loop0: p1 p2 p3 p4 [ 150.866923][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 150.872982][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 150.881508][T13566] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 150.888763][T13574] loop2: detected capacity change from 0 to 83 [ 150.912537][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 150.921970][T13574] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 150.943493][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:23 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x10000000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 150.992579][T13574] loop2: detected capacity change from 0 to 83 [ 151.007763][T13574] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 151.064968][ T1040] loop0: p1 p2 p3 p4 00:40:23 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x20100000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 151.085883][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 151.091936][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 151.132839][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 151.177105][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 151.293434][ T4424] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 151.361138][ T1040] loop0: p1 p2 p3 p4 [ 151.373627][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 151.379730][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated 00:40:24 executing program 3: connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="b80000001900010000ff2de2f15400007f0000010000000000000000009049a6fc0100e1ff000000000000000000000000000000000000000a"], 0xb8}}, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r1, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) 00:40:24 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa7a4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) 00:40:24 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x22000000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:24 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0x0, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) 00:40:24 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0x0, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r0, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 151.409322][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 151.430141][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 151.439099][ T27] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 00:40:24 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0x8cffffff, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 151.492181][T13627] loop2: detected capacity change from 0 to 83 [ 151.499837][T13628] loop1: detected capacity change from 0 to 264192 [ 151.500923][ T1040] loop0: p1 p2 p3 p4 [ 151.523447][T13627] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 151.533506][ T1040] loop0: p1 start 1 is beyond EOD, truncated 00:40:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x50, r0, 0xf4661000) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="8400000000010162bc43087823a14600020000002c000180140001801258e6dd404b0200ac1e00"], 0x84}}, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 151.539615][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 151.547631][T13628] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 151.557246][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 151.562873][T13643] loop4: detected capacity change from 0 to 264192 [ 151.565808][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:24 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xc0ed0000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 151.592497][T13643] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 151.630725][T13627] loop2: detected capacity change from 0 to 83 00:40:24 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xf6ffffff, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 151.651211][T13627] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 151.730903][ T1040] loop0: p1 p2 p3 p4 00:40:24 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xfeffffff, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:24 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa7a5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000b6ce4d480f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000140f0a590001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000fbf4655f00f4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000040)={[{@nolazytime}]}) [ 151.757112][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 151.763234][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 151.774140][T13663] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.3'. [ 151.797329][T13663] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 151.806724][T13663] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 151.816098][T13663] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 151.822678][T13683] loop2: detected capacity change from 0 to 83 [ 151.844880][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 151.861541][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated [ 151.862112][T13683] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) 00:40:24 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xffff0000, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:24 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xffffff8c, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 151.949932][ T1040] loop0: p1 p2 p3 p4 [ 151.967242][ T1040] loop0: p1 start 1 is beyond EOD, truncated [ 151.973293][ T1040] loop0: p2 size 1073741824 extends beyond EOD, truncated [ 151.992595][ T1040] loop0: p3 size 1912633224 extends beyond EOD, truncated 00:40:24 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) open(&(0x7f0000000080)='./file0\x00', 0x10401, 0x0) ftruncate(r0, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(0xffffffffffffffff, 0x1200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x108d1521) sendfile(r0, r2, 0x0, 0x8400fffffffa) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x6, 0x6, 0xbb, 0x1, 0x3, 0x3, 0x8, 0x34e, 0x40, 0x2a0, 0x0, 0x5, 0x38, 0x1, 0x3f, 0x3, 0x2}, [{0x235680b761653cac, 0x7fffffff, 0x12a000000000000, 0xca, 0xa0, 0x7ff, 0x35a7, 0x1}, {0x5, 0xa3, 0x3ff, 0x6, 0x7, 0x8, 0x9}], "9bd2", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9b2) [ 152.006396][T13683] loop2: detected capacity change from 0 to 83 [ 152.020171][T13683] EXT4-fs (loop2): bad geometry: block count 64 exceeds size of device (10 blocks) [ 152.029747][ T1832] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 152.039678][ T1040] loop0: p4 size 32768 extends beyond EOD, truncated 00:40:24 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) syz_io_uring_setup(0x187, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$9p_fd(0xfffffff6, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:40:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x50, r0, 0xf4661000) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="8400000000010162bc43087823a14600020000002c000180140001801258e6dd404b0200ac1e00"], 0x84}}, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0