Warning: Permanently added '10.128.0.110' (ECDSA) to the list of known hosts. 2021/10/03 07:59:20 fuzzer started 2021/10/03 07:59:20 dialing manager at 10.128.0.163:46657 2021/10/03 07:59:20 syscalls: 1977 2021/10/03 07:59:20 code coverage: enabled 2021/10/03 07:59:20 comparison tracing: enabled 2021/10/03 07:59:20 extra coverage: enabled 2021/10/03 07:59:20 setuid sandbox: enabled 2021/10/03 07:59:20 namespace sandbox: enabled 2021/10/03 07:59:20 Android sandbox: enabled 2021/10/03 07:59:20 fault injection: enabled 2021/10/03 07:59:20 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/10/03 07:59:20 net packet injection: /dev/net/tun does not exist 2021/10/03 07:59:20 net device setup: enabled 2021/10/03 07:59:20 concurrency sanitizer: enabled 2021/10/03 07:59:20 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/10/03 07:59:20 USB emulation: /dev/raw-gadget does not exist 2021/10/03 07:59:20 hci packet injection: /dev/vhci does not exist 2021/10/03 07:59:20 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 2021/10/03 07:59:20 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 2021/10/03 07:59:21 suppressing KCSAN reports in functions: '__xa_clear_mark' 'blk_mq_dispatch_rq_list' 'xas_clear_mark' 'generic_write_end' 2021/10/03 07:59:21 fetching corpus: 0, signal 0/2000 (executing program) 2021/10/03 07:59:21 fetching corpus: 47, signal 14311/17585 (executing program) 2021/10/03 07:59:21 fetching corpus: 97, signal 21967/26306 (executing program) 2021/10/03 07:59:21 fetching corpus: 146, signal 26970/32229 (executing program) 2021/10/03 07:59:21 fetching corpus: 195, signal 30319/36500 (executing program) 2021/10/03 07:59:21 fetching corpus: 245, signal 33089/40130 (executing program) 2021/10/03 07:59:21 fetching corpus: 295, signal 35316/43116 (executing program) 2021/10/03 07:59:21 fetching corpus: 345, signal 37758/46140 (executing program) 2021/10/03 07:59:21 fetching corpus: 395, signal 39754/48708 (executing program) 2021/10/03 07:59:21 fetching corpus: 445, signal 43125/52258 (executing program) 2021/10/03 07:59:21 fetching corpus: 494, signal 45034/54551 (executing program) 2021/10/03 07:59:21 fetching corpus: 544, signal 47382/57054 (executing program) 2021/10/03 07:59:21 fetching corpus: 593, signal 48570/58679 (executing program) 2021/10/03 07:59:21 fetching corpus: 643, signal 50717/60839 (executing program) 2021/10/03 07:59:21 fetching corpus: 691, signal 51898/62318 (executing program) 2021/10/03 07:59:21 fetching corpus: 740, signal 53143/63761 (executing program) 2021/10/03 07:59:21 fetching corpus: 789, signal 55694/65854 (executing program) 2021/10/03 07:59:21 fetching corpus: 839, signal 56909/67109 (executing program) 2021/10/03 07:59:21 fetching corpus: 889, signal 58743/68588 (executing program) 2021/10/03 07:59:21 fetching corpus: 939, signal 59727/69625 (executing program) 2021/10/03 07:59:21 fetching corpus: 989, signal 61408/70892 (executing program) 2021/10/03 07:59:21 fetching corpus: 1038, signal 62873/72068 (executing program) 2021/10/03 07:59:22 fetching corpus: 1087, signal 64371/73137 (executing program) 2021/10/03 07:59:22 fetching corpus: 1135, signal 65282/73886 (executing program) 2021/10/03 07:59:22 fetching corpus: 1185, signal 66245/74636 (executing program) 2021/10/03 07:59:22 fetching corpus: 1235, signal 67165/75288 (executing program) 2021/10/03 07:59:22 fetching corpus: 1285, signal 68209/75953 (executing program) 2021/10/03 07:59:22 fetching corpus: 1335, signal 68972/76465 (executing program) 2021/10/03 07:59:22 fetching corpus: 1384, signal 69850/76979 (executing program) 2021/10/03 07:59:22 fetching corpus: 1433, signal 70395/77332 (executing program) 2021/10/03 07:59:22 fetching corpus: 1483, signal 71329/77813 (executing program) 2021/10/03 07:59:22 fetching corpus: 1533, signal 72212/78249 (executing program) 2021/10/03 07:59:22 fetching corpus: 1583, signal 72901/78576 (executing program) 2021/10/03 07:59:22 fetching corpus: 1632, signal 74200/78944 (executing program) 2021/10/03 07:59:22 fetching corpus: 1681, signal 74988/79166 (executing program) 2021/10/03 07:59:22 fetching corpus: 1731, signal 75490/79321 (executing program) 2021/10/03 07:59:22 fetching corpus: 1780, signal 76154/79460 (executing program) 2021/10/03 07:59:22 fetching corpus: 1829, signal 76723/79565 (executing program) 2021/10/03 07:59:22 fetching corpus: 1877, signal 77254/79677 (executing program) 2021/10/03 07:59:22 fetching corpus: 1881, signal 77297/79756 (executing program) 2021/10/03 07:59:22 fetching corpus: 1881, signal 77297/79756 (executing program) 2021/10/03 07:59:24 starting 6 fuzzer processes 07:59:24 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="cb00000011040004000082"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 07:59:24 executing program 1: syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc}, 0x8001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) fallocate(0xffffffffffffffff, 0x8, 0x1, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [], 0x0, "00001000"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x806000) 07:59:24 executing program 5: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='cpuset\x00', 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000100), 0x12) 07:59:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV4_HTHRESH={0x6, 0x3, {0x0, 0x21}}]}, 0x1c}}, 0x0) 07:59:24 executing program 2: clone3(&(0x7f0000000500)={0x288000, 0x0, 0x0, 0x0, {}, &(0x7f0000000380)=""/222, 0xde, 0x0, 0x0}, 0x58) 07:59:24 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d35f7018b31a53bad1ec3533c791a753a1fef2c560015000000000000fb8005128e7e4d939955f8ac050003784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09f9c15f0332701d9d14a3f3109d666578cc0266bce7860eaaf305a0ee2af0f82dfefd5e00d421b000000000000000000b5b320a55aa0687a84d966d8511716628a7044b759125c9345ee39e2359c24d02177857578996667ab1e3d08a36b4622fb0367a73571f3a5ea50adedad463202", 0x123}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) syzkaller login: [ 22.211670][ T22] audit: type=1400 audit(1633247964.092:8): avc: denied { execmem } for pid=1134 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 22.283210][ T1139] cgroup: Unknown subsys name 'perf_event' [ 22.297041][ T1139] cgroup: Unknown subsys name 'net_cls' [ 22.327001][ T1141] cgroup: Unknown subsys name 'perf_event' [ 22.333187][ T1141] cgroup: Unknown subsys name 'net_cls' [ 22.340124][ T1142] cgroup: Unknown subsys name 'perf_event' [ 22.348694][ T1142] cgroup: Unknown subsys name 'net_cls' [ 22.363915][ T1146] cgroup: Unknown subsys name 'perf_event' [ 22.372289][ T1146] cgroup: Unknown subsys name 'net_cls' [ 22.395779][ T1158] cgroup: Unknown subsys name 'perf_event' [ 22.401890][ T1158] cgroup: Unknown subsys name 'net_cls' [ 22.408694][ T1164] cgroup: Unknown subsys name 'perf_event' [ 22.423731][ T1164] cgroup: Unknown subsys name 'net_cls' 07:59:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV4_HTHRESH={0x6, 0x3, {0x0, 0x21}}]}, 0x1c}}, 0x0) 07:59:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV4_HTHRESH={0x6, 0x3, {0x0, 0x21}}]}, 0x1c}}, 0x0) [ 26.552699][ C0] sd 0:0:1:0: tag#3673 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 26.562561][ C0] sd 0:0:1:0: tag#3673 CDB: opcode=0xe5 (vendor) [ 26.568897][ C0] sd 0:0:1:0: tag#3673 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 26.577970][ C0] sd 0:0:1:0: tag#3673 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 26.587007][ C0] sd 0:0:1:0: tag#3673 CDB[20]: ba 07:59:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV4_HTHRESH={0x6, 0x3, {0x0, 0x21}}]}, 0x1c}}, 0x0) 07:59:28 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="cb00000011040004000082"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) [ 26.607928][ T22] audit: type=1326 audit(1633247968.493:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 26.653588][ T3869] new mount options do not match the existing superblock, will be ignored [ 26.675120][ T3869] new mount options do not match the existing superblock, will be ignored 07:59:28 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="cb00000011040004000082"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 07:59:28 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_access\x00') [ 26.710511][ T22] audit: type=1326 audit(1633247968.493:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 07:59:28 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_access\x00') [ 26.750985][ T22] audit: type=1326 audit(1633247968.493:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 26.782082][ T22] audit: type=1326 audit(1633247968.493:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 26.807866][ T22] audit: type=1326 audit(1633247968.493:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 26.835140][ T22] audit: type=1326 audit(1633247968.493:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 07:59:28 executing program 1: syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc}, 0x8001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) fallocate(0xffffffffffffffff, 0x8, 0x1, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [], 0x0, "00001000"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x806000) 07:59:28 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_access\x00') 07:59:28 executing program 2: clone3(&(0x7f0000000500)={0x288000, 0x0, 0x0, 0x0, {}, &(0x7f0000000380)=""/222, 0xde, 0x0, 0x0}, 0x58) [ 26.891250][ T22] audit: type=1326 audit(1633247968.493:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 26.927427][ C0] sd 0:0:1:0: tag#3662 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 26.937275][ C0] sd 0:0:1:0: tag#3662 CDB: opcode=0xe5 (vendor) 07:59:28 executing program 2: clone3(&(0x7f0000000500)={0x288000, 0x0, 0x0, 0x0, {}, &(0x7f0000000380)=""/222, 0xde, 0x0, 0x0}, 0x58) [ 26.943716][ C0] sd 0:0:1:0: tag#3662 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 26.952753][ C0] sd 0:0:1:0: tag#3662 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 26.957858][ T22] audit: type=1326 audit(1633247968.493:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 26.961776][ C0] sd 0:0:1:0: tag#3662 CDB[20]: ba [ 27.023551][ T22] audit: type=1326 audit(1633247968.493:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3855 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 07:59:31 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d35f7018b31a53bad1ec3533c791a753a1fef2c560015000000000000fb8005128e7e4d939955f8ac050003784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09f9c15f0332701d9d14a3f3109d666578cc0266bce7860eaaf305a0ee2af0f82dfefd5e00d421b000000000000000000b5b320a55aa0687a84d966d8511716628a7044b759125c9345ee39e2359c24d02177857578996667ab1e3d08a36b4622fb0367a73571f3a5ea50adedad463202", 0x123}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) 07:59:31 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_access\x00') 07:59:31 executing program 2: clone3(&(0x7f0000000500)={0x288000, 0x0, 0x0, 0x0, {}, &(0x7f0000000380)=""/222, 0xde, 0x0, 0x0}, 0x58) 07:59:31 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="cb00000011040004000082"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 07:59:31 executing program 1: syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc}, 0x8001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) fallocate(0xffffffffffffffff, 0x8, 0x1, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [], 0x0, "00001000"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x806000) 07:59:31 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="cb00000011040004000082"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) [ 29.709958][ C1] sd 0:0:1:0: tag#3651 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 29.719823][ C1] sd 0:0:1:0: tag#3651 CDB: opcode=0xe5 (vendor) [ 29.720158][ T22] kauditd_printk_skb: 66 callbacks suppressed [ 29.720168][ T22] audit: type=1326 audit(1633247971.603:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 29.726159][ C1] sd 0:0:1:0: tag#3651 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 29.753974][ T22] audit: type=1326 audit(1633247971.623:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 29.756601][ C1] sd 0:0:1:0: tag#3651 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d 07:59:31 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="cb00000011040004000082"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 07:59:31 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d35f7018b31a53bad1ec3533c791a753a1fef2c560015000000000000fb8005128e7e4d939955f8ac050003784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09f9c15f0332701d9d14a3f3109d666578cc0266bce7860eaaf305a0ee2af0f82dfefd5e00d421b000000000000000000b5b320a55aa0687a84d966d8511716628a7044b759125c9345ee39e2359c24d02177857578996667ab1e3d08a36b4622fb0367a73571f3a5ea50adedad463202", 0x123}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) [ 29.785839][ T22] audit: type=1326 audit(1633247971.663:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 29.790004][ C1] sd 0:0:1:0: tag#3651 CDB[20]: ba [ 29.802598][ T22] audit: type=1326 audit(1633247971.663:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 07:59:31 executing program 5: syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc}, 0x8001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) fallocate(0xffffffffffffffff, 0x8, 0x1, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [], 0x0, "00001000"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x806000) [ 29.880322][ T22] audit: type=1326 audit(1633247971.663:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 29.913573][ C0] sd 0:0:1:0: tag#3662 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 29.923441][ C0] sd 0:0:1:0: tag#3662 CDB: opcode=0xe5 (vendor) 07:59:31 executing program 2: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x8000, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff99, 0x0) [ 29.929786][ C0] sd 0:0:1:0: tag#3662 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 29.938834][ C0] sd 0:0:1:0: tag#3662 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 29.947881][ C0] sd 0:0:1:0: tag#3662 CDB[20]: ba 07:59:31 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="cb00000011040004000082"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) [ 30.007935][ T22] audit: type=1326 audit(1633247971.663:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 07:59:31 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="b40fcf43fef626359bc72080bf31a6e7b41829249544ceaccc99d6b02bd568c026bd73f786e5f1375a38793fae6c57a8f3c2b740e64d33d1a031919f6c9b73621228a36f74d771e3feeda93add2bb1ef675c57e4d77db42c39ca74d49332b80b87aee6971c3a9822f080088499c14f9bb6cf9a5cb0b87fa5a1ac9d41dc7c380ab73dcb5064a0a1d8ddec8480dfea0eec4843e2a36914795d4ceff30e0e7b1ca580b68022f377a4ea9f22155116606cb20f0b642b86198f2482af154a", 0xbc}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x5) tkill(r0, 0x3a) sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0xfffffffffffffffc}}, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) exit_group(0x0) [ 30.040141][ T22] audit: type=1326 audit(1633247971.663:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 30.064692][ T22] audit: type=1326 audit(1633247971.663:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 07:59:32 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="b40fcf43fef626359bc72080bf31a6e7b41829249544ceaccc99d6b02bd568c026bd73f786e5f1375a38793fae6c57a8f3c2b740e64d33d1a031919f6c9b73621228a36f74d771e3feeda93add2bb1ef675c57e4d77db42c39ca74d49332b80b87aee6971c3a9822f080088499c14f9bb6cf9a5cb0b87fa5a1ac9d41dc7c380ab73dcb5064a0a1d8ddec8480dfea0eec4843e2a36914795d4ceff30e0e7b1ca580b68022f377a4ea9f22155116606cb20f0b642b86198f2482af154a", 0xbc}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x5) tkill(r0, 0x3a) sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0xfffffffffffffffc}}, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) exit_group(0x0) 07:59:32 executing program 3: clone(0x84a100, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x1) 07:59:32 executing program 3: clone(0x84a100, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x1) [ 30.089077][ T22] audit: type=1326 audit(1633247971.663:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 [ 30.114362][ T22] audit: type=1326 audit(1633247971.663:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f29d0c8d9 code=0x7ffc0000 07:59:32 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="b40fcf43fef626359bc72080bf31a6e7b41829249544ceaccc99d6b02bd568c026bd73f786e5f1375a38793fae6c57a8f3c2b740e64d33d1a031919f6c9b73621228a36f74d771e3feeda93add2bb1ef675c57e4d77db42c39ca74d49332b80b87aee6971c3a9822f080088499c14f9bb6cf9a5cb0b87fa5a1ac9d41dc7c380ab73dcb5064a0a1d8ddec8480dfea0eec4843e2a36914795d4ceff30e0e7b1ca580b68022f377a4ea9f22155116606cb20f0b642b86198f2482af154a", 0xbc}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x5) tkill(r0, 0x3a) sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0xfffffffffffffffc}}, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) exit_group(0x0) 07:59:32 executing program 1: syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc}, 0x8001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) fallocate(0xffffffffffffffff, 0x8, 0x1, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [], 0x0, "00001000"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x806000) 07:59:32 executing program 3: clone(0x84a100, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x1) 07:59:32 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="b40fcf43fef626359bc72080bf31a6e7b41829249544ceaccc99d6b02bd568c026bd73f786e5f1375a38793fae6c57a8f3c2b740e64d33d1a031919f6c9b73621228a36f74d771e3feeda93add2bb1ef675c57e4d77db42c39ca74d49332b80b87aee6971c3a9822f080088499c14f9bb6cf9a5cb0b87fa5a1ac9d41dc7c380ab73dcb5064a0a1d8ddec8480dfea0eec4843e2a36914795d4ceff30e0e7b1ca580b68022f377a4ea9f22155116606cb20f0b642b86198f2482af154a", 0xbc}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x5) tkill(r0, 0x3a) sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0xfffffffffffffffc}}, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) exit_group(0x0) [ 30.252531][ C0] sd 0:0:1:0: tag#3658 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 30.262578][ C0] sd 0:0:1:0: tag#3658 CDB: opcode=0xe5 (vendor) [ 30.268921][ C0] sd 0:0:1:0: tag#3658 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 30.278065][ C0] sd 0:0:1:0: tag#3658 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 30.287110][ C0] sd 0:0:1:0: tag#3658 CDB[20]: ba 07:59:34 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d35f7018b31a53bad1ec3533c791a753a1fef2c560015000000000000fb8005128e7e4d939955f8ac050003784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09f9c15f0332701d9d14a3f3109d666578cc0266bce7860eaaf305a0ee2af0f82dfefd5e00d421b000000000000000000b5b320a55aa0687a84d966d8511716628a7044b759125c9345ee39e2359c24d02177857578996667ab1e3d08a36b4622fb0367a73571f3a5ea50adedad463202", 0x123}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) 07:59:34 executing program 3: clone(0x84a100, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x1) 07:59:34 executing program 5: syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc}, 0x8001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) fallocate(0xffffffffffffffff, 0x8, 0x1, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [], 0x0, "00001000"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x806000) 07:59:34 executing program 0: clone(0x84a100, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x1) 07:59:34 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xec, &(0x7f0000001d00)="8d6208f167ff0f26a25750cb070000006083f3cf09690f0800000076751e3811ac940ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc4635924876db8b60a0afb8fd0264a7d5a900dd544d82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa6d092efa121fe0c820a50be3abe9517f9e7a45e91c4ffffffffffffd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec57ba9225981686fe092caa80"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() tkill(r1, 0x3a) 07:59:34 executing program 2: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x8000, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff99, 0x0) 07:59:34 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xec, &(0x7f0000001d00)="8d6208f167ff0f26a25750cb070000006083f3cf09690f0800000076751e3811ac940ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc4635924876db8b60a0afb8fd0264a7d5a900dd544d82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa6d092efa121fe0c820a50be3abe9517f9e7a45e91c4ffffffffffffd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec57ba9225981686fe092caa80"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() tkill(r1, 0x3a) 07:59:34 executing program 0: clone(0x84a100, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x1) 07:59:34 executing program 0: clone(0x84a100, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x1) 07:59:34 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xec, &(0x7f0000001d00)="8d6208f167ff0f26a25750cb070000006083f3cf09690f0800000076751e3811ac940ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc4635924876db8b60a0afb8fd0264a7d5a900dd544d82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa6d092efa121fe0c820a50be3abe9517f9e7a45e91c4ffffffffffffd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec57ba9225981686fe092caa80"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() tkill(r1, 0x3a) 07:59:34 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x8000, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff99, 0x0) [ 32.903685][ C0] sd 0:0:1:0: tag#3709 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 32.913532][ C0] sd 0:0:1:0: tag#3709 CDB: opcode=0xe5 (vendor) [ 32.920034][ C0] sd 0:0:1:0: tag#3709 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 32.929087][ C0] sd 0:0:1:0: tag#3709 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 32.938141][ C0] sd 0:0:1:0: tag#3709 CDB[20]: ba 07:59:34 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xec, &(0x7f0000001d00)="8d6208f167ff0f26a25750cb070000006083f3cf09690f0800000076751e3811ac940ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc4635924876db8b60a0afb8fd0264a7d5a900dd544d82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa6d092efa121fe0c820a50be3abe9517f9e7a45e91c4ffffffffffffd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec57ba9225981686fe092caa80"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() tkill(r1, 0x3a) 07:59:37 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x8000, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff99, 0x0) 07:59:37 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x18c, &(0x7f0000001d00)="8d6208f167ff0f26a25750cb070000006083f3cf09690f0800000076751e3811ac940ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc4635924876db8b60a0afb8fd0264a7d5a900dd544d82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa6d092efa121fe0c820a50be3abe9517f9e7a45e91c4ffffffffffffd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec57ba9225981686fe092caa8010c48dd660a8a6e7824069287a6efa9a0f7f84b32fc6791c4d21996f9a13efb6c119285eb6e1aa3ccc08f008d028947991608aba8c0bc01f5c79e7cabfb007ef83a6d1d3b09514516646c9f11d17c697eda7f133660f2f47c50050aa8052ad83bf2332c113ef80e11dcf93e44a525a4b30539210871fc52daea5387cd8b6e3f2e5e2ff19aae971784805241ece346440c981a3c30c13bbcc5f246745ba7662e1"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() tkill(r1, 0x3a) 07:59:37 executing program 1: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000002c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xea, &(0x7f0000000500)="598542348925bad0d8813ff35a5edf029736e75e8354709c9af3258098d2d30cee18b0c5c0577757fdaa34b865d6dae26f32781acab6278d5d5c0745af88eeffd8ad829a3dea625b216c6cfcba0a5598dfb85d7cc431103c31a2d3657bd0df08fc8c690e6ac09bb9172a9a34743b2af1ea1b05ada873ec6b8cb82474ad8c0ec85ffdb9f4e5ee42483d7d85a3808438d57646bc584eda090b4ad49ff969a39ab097764a0471c700aef180f4f198a69bfb5fce70ae3f96c4a217b994656aeff6c5338b3d11053fb12ab30c957c1736ed3cd4fb711cadbb3f19cc0a2e67a1a0594cf7445ccce8478ef33166"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 07:59:37 executing program 5: syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc}, 0x8001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) fallocate(0xffffffffffffffff, 0x8, 0x1, 0x8) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [], 0x0, "00001000"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x806000) 07:59:37 executing program 2: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x8000, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff99, 0x0) 07:59:37 executing program 4: timer_create(0xb, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x77359400}, {0x77359400}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000700)={{0x77359400}}, &(0x7f0000000740)) [ 35.925828][ C0] sd 0:0:1:0: tag#3694 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 35.935714][ C0] sd 0:0:1:0: tag#3694 CDB: opcode=0xe5 (vendor) [ 35.942064][ C0] sd 0:0:1:0: tag#3694 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 35.946166][ T22] kauditd_printk_skb: 174 callbacks suppressed 07:59:37 executing program 4: timer_create(0xb, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x77359400}, {0x77359400}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000700)={{0x77359400}}, &(0x7f0000000740)) 07:59:37 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x18c, &(0x7f0000001d00)="8d6208f167ff0f26a25750cb070000006083f3cf09690f0800000076751e3811ac940ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc4635924876db8b60a0afb8fd0264a7d5a900dd544d82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa6d092efa121fe0c820a50be3abe9517f9e7a45e91c4ffffffffffffd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec57ba9225981686fe092caa8010c48dd660a8a6e7824069287a6efa9a0f7f84b32fc6791c4d21996f9a13efb6c119285eb6e1aa3ccc08f008d028947991608aba8c0bc01f5c79e7cabfb007ef83a6d1d3b09514516646c9f11d17c697eda7f133660f2f47c50050aa8052ad83bf2332c113ef80e11dcf93e44a525a4b30539210871fc52daea5387cd8b6e3f2e5e2ff19aae971784805241ece346440c981a3c30c13bbcc5f246745ba7662e1"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() tkill(r1, 0x3a) [ 35.946177][ T22] audit: type=1326 audit(1633247977.834:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4119 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 [ 35.951078][ C0] sd 0:0:1:0: tag#3694 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 35.990921][ C0] sd 0:0:1:0: tag#3694 CDB[20]: ba [ 35.991260][ T22] audit: type=1326 audit(1633247977.854:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4119 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 07:59:37 executing program 4: timer_create(0xb, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x77359400}, {0x77359400}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000700)={{0x77359400}}, &(0x7f0000000740)) [ 36.060906][ T22] audit: type=1326 audit(1633247977.854:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4119 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 07:59:38 executing program 4: timer_create(0xb, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x77359400}, {0x77359400}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000700)={{0x77359400}}, &(0x7f0000000740)) 07:59:38 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x18c, &(0x7f0000001d00)="8d6208f167ff0f26a25750cb070000006083f3cf09690f0800000076751e3811ac940ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc4635924876db8b60a0afb8fd0264a7d5a900dd544d82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa6d092efa121fe0c820a50be3abe9517f9e7a45e91c4ffffffffffffd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec57ba9225981686fe092caa8010c48dd660a8a6e7824069287a6efa9a0f7f84b32fc6791c4d21996f9a13efb6c119285eb6e1aa3ccc08f008d028947991608aba8c0bc01f5c79e7cabfb007ef83a6d1d3b09514516646c9f11d17c697eda7f133660f2f47c50050aa8052ad83bf2332c113ef80e11dcf93e44a525a4b30539210871fc52daea5387cd8b6e3f2e5e2ff19aae971784805241ece346440c981a3c30c13bbcc5f246745ba7662e1"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() tkill(r1, 0x3a) 07:59:38 executing program 4: timer_create(0xb, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x77359400}, {0x77359400}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000700)={{0x77359400}}, &(0x7f0000000740)) [ 36.097695][ T22] audit: type=1326 audit(1633247977.854:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4119 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 [ 36.136873][ T22] audit: type=1326 audit(1633247977.854:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4119 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 [ 36.200246][ T22] audit: type=1326 audit(1633247977.854:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4119 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 [ 36.224991][ T22] audit: type=1326 audit(1633247977.854:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4119 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 [ 36.249666][ T22] audit: type=1326 audit(1633247977.854:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4119 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 [ 36.274003][ T22] audit: type=1326 audit(1633247977.854:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4137 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 [ 36.298676][ T22] audit: type=1326 audit(1633247977.854:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4137 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f9269a848d9 code=0x7ffc0000 07:59:38 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x8000, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff99, 0x0) 07:59:38 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)=@ethtool_dump={0x38}}) 07:59:40 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000340), 0x0) 07:59:40 executing program 4: timer_create(0xb, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x77359400}, {0x77359400}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000700)={{0x77359400}}, &(0x7f0000000740)) 07:59:40 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x18c, &(0x7f0000001d00)="8d6208f167ff0f26a25750cb070000006083f3cf09690f0800000076751e3811ac940ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc4635924876db8b60a0afb8fd0264a7d5a900dd544d82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa6d092efa121fe0c820a50be3abe9517f9e7a45e91c4ffffffffffffd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec57ba9225981686fe092caa8010c48dd660a8a6e7824069287a6efa9a0f7f84b32fc6791c4d21996f9a13efb6c119285eb6e1aa3ccc08f008d028947991608aba8c0bc01f5c79e7cabfb007ef83a6d1d3b09514516646c9f11d17c697eda7f133660f2f47c50050aa8052ad83bf2332c113ef80e11dcf93e44a525a4b30539210871fc52daea5387cd8b6e3f2e5e2ff19aae971784805241ece346440c981a3c30c13bbcc5f246745ba7662e1"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() tkill(r1, 0x3a) 07:59:40 executing program 2: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x8000, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff99, 0x0) 07:59:40 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)=@ethtool_dump={0x38}}) 07:59:40 executing program 0: unshare(0x4060680) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x40103d0b, &(0x7f0000000180)) 07:59:40 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)=@ethtool_dump={0x38}}) 07:59:40 executing program 4: timer_create(0xb, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x77359400}, {0x77359400}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000700)={{0x77359400}}, &(0x7f0000000740)) 07:59:40 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x4}, 0x0) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[], 0xfffffdb6) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0xff7) fcntl$setsig(r1, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8) dup2(r1, r2) fcntl$setown(r1, 0x8, r0) tkill(r0, 0x16) 07:59:40 executing program 0: unshare(0x4060680) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x40103d0b, &(0x7f0000000180)) 07:59:40 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)=@ethtool_dump={0x38}}) 07:59:40 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000340), 0x0) 07:59:40 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x29, 0x8, 0x0, 0x0) 07:59:40 executing program 0: unshare(0x4060680) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x40103d0b, &(0x7f0000000180)) 07:59:40 executing program 5: set_mempolicy(0x3, &(0x7f0000000080)=0x1, 0x6) keyctl$session_to_parent(0x12) 07:59:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x4}, 0x0) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[], 0xfffffdb6) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0xff7) fcntl$setsig(r1, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8) dup2(r1, r2) fcntl$setown(r1, 0x8, r0) tkill(r0, 0x16) 07:59:41 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x29, 0x8, 0x0, 0x0) 07:59:41 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000340), 0x0) 07:59:41 executing program 5: set_mempolicy(0x3, &(0x7f0000000080)=0x1, 0x6) keyctl$session_to_parent(0x12) 07:59:41 executing program 0: unshare(0x4060680) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0x40103d0b, &(0x7f0000000180)) 07:59:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x4}, 0x0) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[], 0xfffffdb6) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0xff7) fcntl$setsig(r1, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8) dup2(r1, r2) fcntl$setown(r1, 0x8, r0) tkill(r0, 0x16) 07:59:41 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x29, 0x8, 0x0, 0x0) 07:59:41 executing program 0: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16, @ANYBLOB="f9a37d010000d0a1ce5ed5"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000323c0)=""/102384, 0xfffffffffffffeb0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x2f) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x1b) 07:59:41 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000340), 0x0) 07:59:41 executing program 5: set_mempolicy(0x3, &(0x7f0000000080)=0x1, 0x6) keyctl$session_to_parent(0x12) 07:59:41 executing program 0: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16, @ANYBLOB="f9a37d010000d0a1ce5ed5"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000323c0)=""/102384, 0xfffffffffffffeb0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x2f) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x1b) 07:59:41 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x29, 0x8, 0x0, 0x0) 07:59:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x4}, 0x0) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[], 0xfffffdb6) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0xff7) fcntl$setsig(r1, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8) dup2(r1, r2) fcntl$setown(r1, 0x8, r0) tkill(r0, 0x16) 07:59:41 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "e75c59ac2491de5d2837edc15ec8bbc9faf35f"}) 07:59:41 executing program 0: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16, @ANYBLOB="f9a37d010000d0a1ce5ed5"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000323c0)=""/102384, 0xfffffffffffffeb0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x2f) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x1b) 07:59:41 executing program 5: set_mempolicy(0x3, &(0x7f0000000080)=0x1, 0x6) keyctl$session_to_parent(0x12) 07:59:41 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000300), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x5385, 0x0) 07:59:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x4}, 0x0) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[], 0xfffffdb6) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0xff7) fcntl$setsig(r1, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8) dup2(r1, r2) fcntl$setown(r1, 0x8, r0) tkill(r0, 0x16) 07:59:41 executing program 0: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16, @ANYBLOB="f9a37d010000d0a1ce5ed5"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000323c0)=""/102384, 0xfffffffffffffeb0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x2f) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x1b) 07:59:41 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "e75c59ac2491de5d2837edc15ec8bbc9faf35f"}) 07:59:41 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_test', 0xc0202, 0x0) write$cgroup_devices(r0, &(0x7f0000000000)={'a', ' *:* ', 'w\x00'}, 0x8) 07:59:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 07:59:41 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000300), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x5385, 0x0) 07:59:41 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_test', 0xc0202, 0x0) write$cgroup_devices(r0, &(0x7f0000000000)={'a', ' *:* ', 'w\x00'}, 0x8) 07:59:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x4}, 0x0) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[], 0xfffffdb6) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0xff7) fcntl$setsig(r1, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8) dup2(r1, r2) fcntl$setown(r1, 0x8, r0) tkill(r0, 0x16) 07:59:41 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000300), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x5385, 0x0) 07:59:41 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "e75c59ac2491de5d2837edc15ec8bbc9faf35f"}) 07:59:41 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_test', 0xc0202, 0x0) write$cgroup_devices(r0, &(0x7f0000000000)={'a', ' *:* ', 'w\x00'}, 0x8) 07:59:42 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000300), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x5385, 0x0) 07:59:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x4}, 0x0) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[], 0xfffffdb6) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0xff7) fcntl$setsig(r1, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8) dup2(r1, r2) fcntl$setown(r1, 0x8, r0) tkill(r0, 0x16) 07:59:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "e75c59ac2491de5d2837edc15ec8bbc9faf35f"}) 07:59:42 executing program 1: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x103, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="eb02551d981501655f1e5c"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 07:59:42 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_test', 0xc0202, 0x0) write$cgroup_devices(r0, &(0x7f0000000000)={'a', ' *:* ', 'w\x00'}, 0x8) 07:59:42 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 07:59:42 executing program 1: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x103, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="eb02551d981501655f1e5c"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 07:59:42 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) io_setup(0xd, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 07:59:42 executing program 5: socket(0x0, 0x0, 0x0) r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCXONC(r3, 0x540a, 0x2) 07:59:42 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x8000000000001f4) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 07:59:42 executing program 2: perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x14, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 07:59:42 executing program 1: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x103, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="eb02551d981501655f1e5c"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 07:59:42 executing program 1: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x103, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="eb02551d981501655f1e5c"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 07:59:42 executing program 5: socket(0x0, 0x0, 0x0) r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCXONC(r3, 0x540a, 0x2) 07:59:42 executing program 2: perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x14, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 07:59:42 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x8000000000001f4) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 07:59:42 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) io_setup(0xd, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 07:59:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 07:59:43 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) io_setup(0xd, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 07:59:43 executing program 5: socket(0x0, 0x0, 0x0) r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCXONC(r3, 0x540a, 0x2) 07:59:43 executing program 2: perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x14, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 07:59:43 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x8000000000001f4) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 07:59:43 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) io_setup(0xd, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 07:59:43 executing program 5: socket(0x0, 0x0, 0x0) r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCXONC(r3, 0x540a, 0x2) 07:59:43 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x8000000000001f4) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 07:59:43 executing program 2: perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x14, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 07:59:43 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x8000000000001f4) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 07:59:43 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) io_setup(0xd, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 07:59:43 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) io_setup(0xd, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 07:59:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 07:59:44 executing program 3: socket(0x0, 0x0, 0x0) r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCXONC(r3, 0x540a, 0x2) 07:59:44 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x8000000000001f4) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 07:59:44 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) 07:59:44 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:44 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) io_setup(0xd, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 07:59:44 executing program 3: socket(0x0, 0x0, 0x0) r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCXONC(r3, 0x540a, 0x2) [ 42.606446][ T4500] loop4: detected capacity change from 0 to 264192 [ 42.614955][ T4500] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:44 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) 07:59:44 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x8000000000001f4) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 07:59:44 executing program 3: socket(0x0, 0x0, 0x0) r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCXONC(r3, 0x540a, 0x2) 07:59:44 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) 07:59:44 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) [ 42.829051][ T4500] ================================================================== [ 42.837143][ T4500] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode [ 42.845131][ T4500] [ 42.847432][ T4500] write to 0xffff888106383440 of 8 bytes by task 4534 on cpu 1: [ 42.855157][ T4500] writeback_single_inode+0x148/0x3e0 [ 42.860509][ T4500] sync_inode_metadata+0x57/0x80 [ 42.865458][ T4500] __generic_file_fsync+0xf5/0x140 [ 42.870634][ T4500] fat_file_fsync+0x48/0x100 [ 42.875204][ T4500] vfs_fsync_range+0x107/0x120 [ 42.879957][ T4500] generic_file_write_iter+0x103/0x130 [ 42.885396][ T4500] do_iter_readv_writev+0x2de/0x380 [ 42.890575][ T4500] do_iter_write+0x192/0x5c0 [ 42.895145][ T4500] vfs_iter_write+0x4c/0x70 [ 42.899623][ T4500] iter_file_splice_write+0x43a/0x790 [ 42.904970][ T4500] direct_splice_actor+0x80/0xa0 [ 42.909882][ T4500] splice_direct_to_actor+0x345/0x650 [ 42.915246][ T4500] do_splice_direct+0x106/0x190 [ 42.920071][ T4500] do_sendfile+0x63e/0xbb0 [ 42.924464][ T4500] __x64_sys_sendfile64+0x102/0x140 [ 42.929664][ T4500] do_syscall_64+0x44/0xa0 [ 42.934147][ T4500] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 42.940106][ T4500] [ 42.942500][ T4500] read to 0xffff888106383440 of 8 bytes by task 4500 on cpu 0: [ 42.950124][ T4500] vfs_fsync_range+0x98/0x120 [ 42.954787][ T4500] generic_file_write_iter+0x103/0x130 [ 42.960225][ T4500] do_iter_readv_writev+0x2de/0x380 [ 42.965407][ T4500] do_iter_write+0x192/0x5c0 [ 42.969976][ T4500] vfs_iter_write+0x4c/0x70 [ 42.974456][ T4500] iter_file_splice_write+0x43a/0x790 [ 42.979811][ T4500] direct_splice_actor+0x80/0xa0 [ 42.984734][ T4500] splice_direct_to_actor+0x345/0x650 [ 42.990188][ T4500] do_splice_direct+0x106/0x190 [ 42.995012][ T4500] do_sendfile+0x63e/0xbb0 [ 42.999404][ T4500] __x64_sys_sendfile64+0x102/0x140 [ 43.004586][ T4500] do_syscall_64+0x44/0xa0 [ 43.009007][ T4500] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 43.014881][ T4500] [ 43.017184][ T4500] value changed: 0x0000000000000007 -> 0x0000000000000084 [ 43.024261][ T4500] [ 43.026564][ T4500] Reported by Kernel Concurrency Sanitizer on: [ 43.033295][ T4500] CPU: 0 PID: 4500 Comm: syz-executor.4 Not tainted 5.15.0-rc3-syzkaller #0 [ 43.041943][ T4500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.051970][ T4500] ================================================================== [ 43.083522][ T1162] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:45 executing program 0: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:45 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) 07:59:45 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) 07:59:45 executing program 5: set_mempolicy(0x4, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000380)=ANY=[], 0x90) 07:59:45 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) 07:59:45 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:45 executing program 5: set_mempolicy(0x4, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000380)=ANY=[], 0x90) 07:59:45 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) 07:59:45 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) [ 43.504131][ T4560] loop4: detected capacity change from 0 to 264192 07:59:45 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001200), 0x0) 07:59:45 executing program 5: set_mempolicy(0x4, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000380)=ANY=[], 0x90) 07:59:45 executing program 1: set_mempolicy(0x4, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000380)=ANY=[], 0x90) [ 43.578489][ T4560] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:45 executing program 0: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:45 executing program 2: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:45 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:45 executing program 5: set_mempolicy(0x4, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000380)=ANY=[], 0x90) 07:59:45 executing program 1: set_mempolicy(0x4, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000380)=ANY=[], 0x90) [ 43.958791][ T4598] loop3: detected capacity change from 0 to 264192 [ 43.967746][ T4598] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 43.983827][ T4602] loop2: detected capacity change from 0 to 264192 [ 44.023076][ T4602] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:46 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:46 executing program 1: set_mempolicy(0x4, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000380)=ANY=[], 0x90) 07:59:46 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 44.205427][ T4615] loop5: detected capacity change from 0 to 264192 07:59:46 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 44.258421][ T4615] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 44.279251][ T4625] loop4: detected capacity change from 0 to 264192 [ 44.299279][ T4629] loop1: detected capacity change from 0 to 264192 07:59:46 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 44.329374][ T4625] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 44.367119][ T1162] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:46 executing program 2: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:46 executing program 0: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 44.393404][ T4629] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 44.426782][ T1155] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 44.498823][ T4646] loop3: detected capacity change from 0 to 264192 [ 44.499139][ T4647] loop2: detected capacity change from 0 to 264192 [ 44.540658][ T4647] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 44.578511][ T4646] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 44.615052][ T4625] ================================================================== [ 44.623328][ T4625] BUG: KCSAN: data-race in dd_has_work / dd_insert_request [ 44.630536][ T4625] [ 44.632854][ T4625] write to 0xffff888102629488 of 8 bytes by task 4629 on cpu 1: [ 44.640482][ T4625] dd_insert_request+0x31d/0x4c0 [ 44.645427][ T4625] dd_insert_requests+0xfe/0x170 [ 44.650350][ T4625] blk_mq_sched_insert_request+0x1fc/0x250 [ 44.656140][ T4625] blk_mq_submit_bio+0x539/0xec0 [ 44.661339][ T4625] submit_bio_noacct+0x6e2/0x7d0 [ 44.666267][ T4625] submit_bio+0x10c/0x190 [ 44.670586][ T4625] submit_bh_wbc+0x2f3/0x330 [ 44.675173][ T4625] __sync_dirty_buffer+0x136/0x1e0 [ 44.680261][ T4625] sync_dirty_buffer+0x16/0x20 [ 44.685002][ T4625] ext4_write_inode+0x2ad/0x3c0 [ 44.689831][ T4625] write_inode+0x89/0x180 [ 44.694150][ T4625] __writeback_single_inode+0x2a2/0x440 [ 44.699678][ T4625] writeback_single_inode+0x17b/0x3e0 [ 44.705047][ T4625] sync_inode_metadata+0x57/0x80 [ 44.709964][ T4625] ext4_sync_file+0x359/0x670 [ 44.714712][ T4625] vfs_fsync_range+0x107/0x120 [ 44.719501][ T4625] ext4_buffered_write_iter+0x3af/0x400 [ 44.725024][ T4625] ext4_file_write_iter+0x2e7/0x11f0 [ 44.730300][ T4625] do_iter_readv_writev+0x2de/0x380 [ 44.735497][ T4625] do_iter_write+0x192/0x5c0 [ 44.740080][ T4625] vfs_iter_write+0x4c/0x70 [ 44.744565][ T4625] iter_file_splice_write+0x43a/0x790 [ 44.749929][ T4625] direct_splice_actor+0x80/0xa0 [ 44.754850][ T4625] splice_direct_to_actor+0x345/0x650 [ 44.760216][ T4625] do_splice_direct+0x106/0x190 [ 44.765056][ T4625] do_sendfile+0x63e/0xbb0 [ 44.769460][ T4625] __x64_sys_sendfile64+0x102/0x140 [ 44.774640][ T4625] do_syscall_64+0x44/0xa0 [ 44.779039][ T4625] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 44.784915][ T4625] [ 44.787231][ T4625] read to 0xffff888102629488 of 8 bytes by task 4625 on cpu 0: [ 44.794747][ T4625] dd_has_work+0x17c/0x250 [ 44.799143][ T4625] blk_mq_run_hw_queue+0x19f/0x250 [ 44.804233][ T4625] blk_mq_submit_bio+0xbb6/0xec0 [ 44.809164][ T4625] submit_bio_noacct+0x6e2/0x7d0 [ 44.814082][ T4625] submit_bio+0x10c/0x190 [ 44.818404][ T4625] submit_bio_wait+0x86/0xc0 [ 44.823070][ T4625] blkdev_issue_flush+0x7f/0xa0 [ 44.827896][ T4625] ext4_sync_file+0x410/0x670 [ 44.832561][ T4625] vfs_fsync_range+0x107/0x120 [ 44.837316][ T4625] ext4_buffered_write_iter+0x3af/0x400 [ 44.842842][ T4625] ext4_file_write_iter+0x2e7/0x11f0 [ 44.848104][ T4625] do_iter_readv_writev+0x2de/0x380 [ 44.853294][ T4625] do_iter_write+0x192/0x5c0 [ 44.857875][ T4625] vfs_iter_write+0x4c/0x70 [ 44.862369][ T4625] iter_file_splice_write+0x43a/0x790 [ 44.867722][ T4625] direct_splice_actor+0x80/0xa0 [ 44.872638][ T4625] splice_direct_to_actor+0x345/0x650 [ 44.877989][ T4625] do_splice_direct+0x106/0x190 [ 44.882838][ T4625] do_sendfile+0x63e/0xbb0 [ 44.887236][ T4625] __x64_sys_sendfile64+0x102/0x140 [ 44.892416][ T4625] do_syscall_64+0x44/0xa0 [ 44.896812][ T4625] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 44.902687][ T4625] [ 44.904989][ T4625] value changed: 0xffff888102629480 -> 0xffff8881028abf88 [ 44.912071][ T4625] [ 44.914371][ T4625] Reported by Kernel Concurrency Sanitizer on: [ 44.920491][ T4625] CPU: 0 PID: 4625 Comm: syz-executor.4 Not tainted 5.15.0-rc3-syzkaller #0 [ 44.929154][ T4625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.939195][ T4625] ================================================================== [ 45.291773][ T4636] syz-executor.1 (4636) used greatest stack depth: 10144 bytes left [ 45.303157][ C1] hrtimer: interrupt took 49581 ns 07:59:47 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:47 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:47 executing program 2: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:47 executing program 4: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 45.381168][ T842] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 45.434118][ T4666] loop1: detected capacity change from 0 to 264192 [ 45.444206][ T4668] loop5: detected capacity change from 0 to 264192 07:59:47 executing program 0: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:47 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 45.483114][ T4666] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 45.483183][ T4668] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 45.561997][ T4685] loop4: detected capacity change from 0 to 264192 [ 45.586885][ T4687] loop2: detected capacity change from 0 to 264192 [ 45.587144][ T4694] loop3: detected capacity change from 0 to 264192 [ 45.611195][ T4694] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 45.635189][ T4687] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 45.683832][ T4685] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:47 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 45.994448][ T842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:48 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 46.103362][ T4715] loop5: detected capacity change from 0 to 264192 [ 46.119395][ T842] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 46.129419][ T4715] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 46.222990][ T4723] loop3: detected capacity change from 0 to 264192 07:59:48 executing program 0: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) [ 46.268081][ T4723] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:48 executing program 1: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:48 executing program 2: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = fork() wait4(r1, 0x0, 0x0, 0x0) tkill(r0, 0x40) tkill(r1, 0x2e) 07:59:48 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) set_mempolicy(0x1, 0x0, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000000c0)={0x0, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x0, 0x1, [{{0x3, 0x0, @local}}]}, 0x110) 07:59:48 executing program 5: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) [ 46.503514][ T4736] loop1: detected capacity change from 0 to 264192 [ 46.524266][ T4736] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 46.541301][ T1155] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:48 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:48 executing program 5: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) [ 46.646510][ T1186] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:48 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) set_mempolicy(0x1, 0x0, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000000c0)={0x0, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x0, 0x1, [{{0x3, 0x0, @local}}]}, 0x110) 07:59:48 executing program 5: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) 07:59:48 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) set_mempolicy(0x1, 0x0, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000000c0)={0x0, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x0, 0x1, [{{0x3, 0x0, @local}}]}, 0x110) 07:59:48 executing program 5: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) [ 46.770647][ T4779] loop3: detected capacity change from 0 to 264192 07:59:48 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) set_mempolicy(0x1, 0x0, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000000c0)={0x0, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x0, 0x1, [{{0x3, 0x0, @local}}]}, 0x110) [ 46.816940][ T4779] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:48 executing program 0: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:48 executing program 2: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = fork() wait4(r1, 0x0, 0x0, 0x0) tkill(r0, 0x40) tkill(r1, 0x2e) 07:59:48 executing program 5: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) 07:59:48 executing program 1: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) 07:59:48 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_io_uring_setup(0x2de7, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0, 0xfffffc63}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000002000)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001f80)=""/2, 0x2}], 0x5}}], 0x1, 0x0, 0x0) io_uring_enter(r1, 0x302, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000000)=[{{&(0x7f00000001c0)={0x2, 0x4e25, @dev}, 0x10, 0x0}}], 0x1, 0x0) [ 46.902511][ T1186] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:48 executing program 3: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x434000, 0x88) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x4142, 0x2) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180)='%,+-$\x00', 0x6, 0x3) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141002, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x82) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x141042, 0x0) open(&(0x7f00000003c0)='./file0\x00', 0x2, 0x21) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[], 0x82) sendfile(r3, r2, 0x0, 0xa198) sendfile(r1, r0, 0x0, 0xa198) 07:59:48 executing program 1: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) 07:59:48 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_io_uring_setup(0x2de7, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0, 0xfffffc63}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000002000)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001f80)=""/2, 0x2}], 0x5}}], 0x1, 0x0, 0x0) io_uring_enter(r1, 0x302, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000000)=[{{&(0x7f00000001c0)={0x2, 0x4e25, @dev}, 0x10, 0x0}}], 0x1, 0x0) 07:59:49 executing program 1: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) 07:59:49 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_io_uring_setup(0x2de7, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0, 0xfffffc63}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000002000)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001f80)=""/2, 0x2}], 0x5}}], 0x1, 0x0, 0x0) io_uring_enter(r1, 0x302, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000000)=[{{&(0x7f00000001c0)={0x2, 0x4e25, @dev}, 0x10, 0x0}}], 0x1, 0x0) [ 47.087357][ T1186] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:49 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_io_uring_setup(0x2de7, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0, 0xfffffc63}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000002000)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001f80)=""/2, 0x2}], 0x5}}], 0x1, 0x0, 0x0) io_uring_enter(r1, 0x302, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000000)=[{{&(0x7f00000001c0)={0x2, 0x4e25, @dev}, 0x10, 0x0}}], 0x1, 0x0) [ 47.160542][ T4846] loop3: detected capacity change from 0 to 264192 07:59:49 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_io_uring_setup(0x2de7, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0, 0xfffffc63}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000002000)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001f80)=""/2, 0x2}], 0x5}}], 0x1, 0x0, 0x0) io_uring_enter(r1, 0x302, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000000)=[{{&(0x7f00000001c0)={0x2, 0x4e25, @dev}, 0x10, 0x0}}], 0x1, 0x0) [ 47.203496][ T4846] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:49 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_io_uring_setup(0x2de7, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0, 0xfffffc63}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000002000)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001f80)=""/2, 0x2}], 0x5}}], 0x1, 0x0, 0x0) io_uring_enter(r1, 0x302, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000000)=[{{&(0x7f00000001c0)={0x2, 0x4e25, @dev}, 0x10, 0x0}}], 0x1, 0x0) [ 47.422940][ T842] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 07:59:51 executing program 2: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = fork() wait4(r1, 0x0, 0x0, 0x0) tkill(r0, 0x40) tkill(r1, 0x2e) 07:59:51 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_io_uring_setup(0x2de7, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0, 0xfffffc63}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f0000002000)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001f80)=""/2, 0x2}], 0x5}}], 0x1, 0x0, 0x0) io_uring_enter(r1, 0x302, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000000)=[{{&(0x7f00000001c0)={0x2, 0x4e25, @dev}, 0x10, 0x0}}], 0x1, 0x0) 07:59:51 executing program 0: r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x3}, {}], 0x2, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f00000003c0)={{0x1, 0x0, 0x0, 0x0, 0xee01}}) 07:59:51 executing program 3: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r1, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) syz_open_procfs(0x0, &(0x7f0000000040)) 07:59:51 executing program 1: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000)=0x5, 0x4) sendmsg(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000040)=@in={0xfffffffffffffeea, 0x2}, 0x10, 0x0, 0x0, 0x0, 0xffffff8a}, 0x0) getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000), 0x4) sendmsg(r0, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x23, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) 07:59:51 executing program 5: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) 07:59:51 executing program 5: clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getpid() r1 = pidfd_open(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) 07:59:51 executing program 1: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000)=0x5, 0x4) sendmsg(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000040)=@in={0xfffffffffffffeea, 0x2}, 0x10, 0x0, 0x0, 0x0, 0xffffff8a}, 0x0) getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000), 0x4) sendmsg(r0, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x23, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) 07:59:51 executing program 4: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000)=0x5, 0x4) sendmsg(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000040)=@in={0xfffffffffffffeea, 0x2}, 0x10, 0x0, 0x0, 0x0, 0xffffff8a}, 0x0) getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000), 0x4) sendmsg(r0, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x23, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) 07:59:51 executing program 3: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r1, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) syz_open_procfs(0x0, &(0x7f0000000040)) 07:59:51 executing program 4: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000)=0x5, 0x4) sendmsg(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000040)=@in={0xfffffffffffffeea, 0x2}, 0x10, 0x0, 0x0, 0x0, 0xffffff8a}, 0x0) getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000), 0x4) sendmsg(r0, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x23, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) 07:59:51 executing program 1: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000)=0x5, 0x4) sendmsg(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000040)=@in={0xfffffffffffffeea, 0x2}, 0x10, 0x0, 0x0, 0x0, 0xffffff8a}, 0x0) getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000), 0x4) sendmsg(r0, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x23, &(0x7f00000008c0)=""/102384, &(0x7f00000000c0)=0x18ff0)