program: madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x30000c8, &(0x7f0000000100)=ANY=[], 0x11, 0x2c6, &(0x7f0000005bc0)="$eJzs3btuE08Ux/HfjJ3E/3+isCFBSJSBSNAgCA2iMUKueAIqBMRGirCCgCAuVUBUCEFPR8Er8BA0IF4AKioeIFSLZmbt9WXXNpbjjcP3I8XatWd2z3gvc46laAXgn3Wt9v3jpZ/uz0gllaTXVyQrqSKVJZ3Qycrjnd3t3WajPmhDJd/D/RmFnqavzdZOI6ur6+d7JCK3VtZS53vB4niDRK44jq/+KDoIFM5f/RmstKD5dL0yxZhG8WLMfnsTjmPWmH3t66mWi44DAFCsZP63IZPXUpK/WyttJNO+zw8O2/w/rv2iAzhw8cBPO+Z/X2XFxh3fY/6jtN7zJZz73LaqxFH2PNez7tNH25NgmmFVpY/F/nd3u9k4v3W/Wbd6qWqio9maf62HU7dlSLTrGbXpACOM3WRnlL5etXNuDJsh/ieSuuJfHXOPYzOfzVdz00R6r3o7/yvHxh0mf6SiniMV4r+Qv0U/ysi1UnLbqFartqvJit/JKXWWEsNGWcmuSNQ6o1bU/QNBNCxO3+t4T68wuotDeq1m9tpsreX0Wuvq5UbTPpvz93fQzFtzw6zrlz6p1pH/WxffhgZemelVYzbCVOC/8TCe+ezdlf02o76Zo/9yaX+LC3mh/+69p13/EA++zSHPG93RZS0/evb8XqnZbDx0C7czFh4std+ZeyVltil4QXvpOwuKvb7GrUlpmoGdm+gG3f1jaGN3lR2Kg3KkF2pfpnsiFbFQ8P0JU5Ee9KIjQUFc3mVC/ZfWK+WQ7LmXKDNPH/GHgGSLscux2xVc2jcOGbmk//+qglvMr+D6a66+mtHXXKfPSmdG32OUxHlEmJq+6Ra//wMAAAAAAAAAAAAAAAAAAMyaafw7QdFjBAAAAAAAAAAAAAAAAAAAAABg1rWf/6vW83812vN/e5+7Msnn/77bUfbzfwFM0p8AAAD//0gLf7E=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000048000), 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8080c61) r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r1, 0x2007ffc) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000340), 0x106, 0x3}}, 0x20) getpid() fsopen(&(0x7f0000000000)='proc\x00', 0x0) syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0) syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=") write$binfmt_script(r3, &(0x7f00000008c0), 0xfecc) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) [ 93.496816][ T5301] Bluetooth: hci0: command tx timeout [ 93.734579][ T5322] loop0: detected capacity change from 0 to 64 [ 93.771998][ T5322] ======================================================= [ 93.771998][ T5322] WARNING: The mand mount option has been deprecated and [ 93.771998][ T5322] and is ignored by this kernel. Remove the mand [ 93.771998][ T5322] option from the mount to silence this warning. [ 93.771998][ T5322] ======================================================= [ 94.711304][ T5322] hfs: request for non-existent node 8 in B*Tree [ 94.714269][ T5322] hfs: request for non-existent node 8 in B*Tree [ 94.938680][ T5322] [ 94.939812][ T5322] ====================================================== [ 94.943040][ T5322] WARNING: possible circular locking dependency detected [ 94.946016][ T5322] syzkaller #0 Not tainted [ 94.947958][ T5322] ------------------------------------------------------ [ 94.951017][ T5322] syz.0.0/5322 is trying to acquire lock: [ 94.953308][ T5322] ffff8880382f40b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 94.957203][ T5322] [ 94.957203][ T5322] but task is already holding lock: [ 94.962415][ T5322] ffff888011840778 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 94.966862][ T5322] [ 94.966862][ T5322] which lock already depends on the new lock. [ 94.966862][ T5322] [ 94.971456][ T5322] [ 94.971456][ T5322] the existing dependency chain (in reverse order) is: [ 94.975417][ T5322] [ 94.975417][ T5322] -> #1 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 94.979297][ T5322] __mutex_lock+0x19f/0x1300 [ 94.981528][ T5322] hfs_extend_file+0xf2/0x15e0 [ 94.983845][ T5322] hfs_bmap_reserve+0x107/0x430 [ 94.986147][ T5322] __hfs_ext_write_extent+0x1fa/0x470 [ 94.988576][ T5322] __hfs_ext_cache_extent+0x6b/0x9b0 [ 94.991077][ T5322] hfs_extend_file+0x39b/0x15e0 [ 94.993452][ T5322] hfs_get_block+0x412/0xc50 [ 94.995742][ T5322] __block_write_begin_int+0x6c6/0x1910 [ 94.998362][ T5322] cont_write_begin+0x737/0xae0 [ 95.000671][ T5322] hfs_write_begin+0x66/0xb0 [ 95.002907][ T5322] cont_write_begin+0x2e7/0xae0 [ 95.005115][ T5322] hfs_write_begin+0x66/0xb0 [ 95.007314][ T5322] generic_perform_write+0x2e2/0x8f0 [ 95.009900][ T5322] generic_file_write_iter+0x14a/0x680 [ 95.012512][ T5322] vfs_write+0x61d/0xb90 [ 95.014676][ T5322] __x64_sys_pwrite64+0x199/0x230 [ 95.017143][ T5322] do_syscall_64+0xe2/0xf80 [ 95.019372][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.022210][ T5322] [ 95.022210][ T5322] -> #0 (&tree->tree_lock/1){+.+.}-{4:4}: [ 95.025648][ T5322] __lock_acquire+0x15a5/0x2cf0 [ 95.027897][ T5322] lock_acquire+0x106/0x330 [ 95.030181][ T5322] __mutex_lock+0x19f/0x1300 [ 95.032397][ T5322] hfs_find_init+0x18e/0x300 [ 95.034594][ T5322] hfs_extend_file+0x35c/0x15e0 [ 95.036884][ T5322] hfs_bmap_reserve+0x107/0x430 [ 95.039206][ T5322] hfs_cat_create+0x20f/0x800 [ 95.041558][ T5322] hfs_create+0x66/0xe0 [ 95.043572][ T5322] path_openat+0x18dd/0x3e20 [ 95.045921][ T5322] do_filp_open+0x22d/0x490 [ 95.048067][ T5322] do_sys_openat2+0x12f/0x220 [ 95.050334][ T5322] __x64_sys_openat+0x138/0x170 [ 95.052881][ T5322] do_syscall_64+0xe2/0xf80 [ 95.055118][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.057785][ T5322] [ 95.057785][ T5322] other info that might help us debug this: [ 95.057785][ T5322] [ 95.062106][ T5322] Possible unsafe locking scenario: [ 95.062106][ T5322] [ 95.065361][ T5322] CPU0 CPU1 [ 95.067638][ T5322] ---- ---- [ 95.069908][ T5322] lock(&HFS_I(tree->inode)->extents_lock); [ 95.072549][ T5322] lock(&tree->tree_lock/1); [ 95.075711][ T5322] lock(&HFS_I(tree->inode)->extents_lock); [ 95.079152][ T5322] lock(&tree->tree_lock/1); [ 95.080997][ T5322] [ 95.080997][ T5322] *** DEADLOCK *** [ 95.080997][ T5322] [ 95.084568][ T5322] 4 locks held by syz.0.0/5322: [ 95.086679][ T5322] #0: ffff888037124420 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 95.090559][ T5322] #1: ffff888011840fa0 (&type->i_mutex_dir_key#8){+.+.}-{4:4}, at: path_openat+0xb53/0x3e20 [ 95.094750][ T5322] #2: ffff88803176a0b0 (&tree->tree_lock){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 95.098774][ T5322] #3: ffff888011840778 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 95.103303][ T5322] [ 95.103303][ T5322] stack backtrace: [ 95.105812][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 95.105824][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 95.105830][ T5322] Call Trace: [ 95.105835][ T5322] [ 95.105840][ T5322] dump_stack_lvl+0xe8/0x150 [ 95.105854][ T5322] print_circular_bug+0x2e1/0x300 [ 95.105865][ T5322] check_noncircular+0x12e/0x150 [ 95.105874][ T5322] __lock_acquire+0x15a5/0x2cf0 [ 95.105887][ T5322] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 95.105899][ T5322] ? lockdep_hardirqs_on+0x7a/0x110 [ 95.105908][ T5322] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 95.105922][ T5322] ? stack_depot_save_flags+0x3f3/0x810 [ 95.105977][ T5322] ? hfs_find_init+0x18e/0x300 [ 95.105993][ T5322] lock_acquire+0x106/0x330 [ 95.106007][ T5322] ? hfs_find_init+0x18e/0x300 [ 95.106024][ T5322] __mutex_lock+0x19f/0x1300 [ 95.106035][ T5322] ? hfs_find_init+0x18e/0x300 [ 95.106052][ T5322] ? hfs_find_init+0x18e/0x300 [ 95.106067][ T5322] ? __pfx___mutex_lock+0x10/0x10 [ 95.106079][ T5322] ? rcu_is_watching+0x15/0xb0 [ 95.106090][ T5322] ? trace_kmalloc+0x1f/0xb0 [ 95.106103][ T5322] ? __kmalloc_noprof+0x42d/0x7e0 [ 95.106117][ T5322] ? hfs_find_init+0xaa/0x300 [ 95.106133][ T5322] hfs_find_init+0x18e/0x300 [ 95.106150][ T5322] hfs_extend_file+0x35c/0x15e0 [ 95.106165][ T5322] ? __pfx_hfs_extend_file+0x10/0x10 [ 95.106176][ T5322] ? __mutex_lock+0x319/0x1300 [ 95.106186][ T5322] ? __pfx___mutex_lock+0x10/0x10 [ 95.106194][ T5322] hfs_bmap_reserve+0x107/0x430 [ 95.106204][ T5322] hfs_cat_create+0x20f/0x800 [ 95.106213][ T5322] ? do_raw_spin_lock+0x12b/0x2f0 [ 95.106221][ T5322] ? __pfx_hfs_cat_create+0x10/0x10 [ 95.106231][ T5322] ? _raw_spin_unlock+0x28/0x50 [ 95.106241][ T5322] ? hfs_new_inode+0x838/0xbd0 [ 95.106251][ T5322] hfs_create+0x66/0xe0 [ 95.106259][ T5322] ? __pfx_hfs_create+0x10/0x10 [ 95.106266][ T5322] path_openat+0x18dd/0x3e20 [ 95.106280][ T5322] ? __pfx_path_openat+0x10/0x10 [ 95.106292][ T5322] do_filp_open+0x22d/0x490 [ 95.106300][ T5322] ? __pfx_do_filp_open+0x10/0x10 [ 95.106312][ T5322] ? _raw_spin_unlock+0x28/0x50 [ 95.106321][ T5322] ? alloc_fd+0x64b/0x6c0 [ 95.106333][ T5322] do_sys_openat2+0x12f/0x220 [ 95.106340][ T5322] ? __se_sys_futex+0x3a8/0x450 [ 95.106350][ T5322] ? __pfx_do_sys_openat2+0x10/0x10 [ 95.106358][ T5322] ? rcu_is_watching+0x15/0xb0 [ 95.106365][ T5322] __x64_sys_openat+0x138/0x170 [ 95.106375][ T5322] do_syscall_64+0xe2/0xf80 [ 95.106386][ T5322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.106395][ T5322] ? trace_irq_disable+0x37/0x100 [ 95.106406][ T5322] ? clear_bhb_loop+0x60/0xb0 [ 95.106418][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.106442][ T5322] RIP: 0033:0x7f118d19aeb9 [ 95.106455][ T5322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 95.106489][ T5322] RSP: 002b:00007f11895f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 95.106503][ T5322] RAX: ffffffffffffffda RBX: 00007f118d415fa0 RCX: 00007f118d19aeb9 [ 95.106512][ T5322] RDX: 000000000000275a RSI: 0000200000000200 RDI: ffffffffffffff9c [ 95.106520][ T5322] RBP: 00007f118d208c1f R08: 0000000000000000 R09: 0000000000000000 [ 95.106528][ T5322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 95.106535][ T5322] R13: 00007f118d416038 R14: 00007f118d415fa0 R15: 00007ffc4d70f828 [ 95.106545][ T5322] [ 95.252834][ T5322] syz.0.0: attempt to access beyond end of device [ 95.252834][ T5322] loop0: rw=8388608, sector=27871, nr_sectors = 1 limit=64 [ 95.258806][ T5322] Buffer I/O error on dev loop0, logical block 27871, async page read [ 95.262147][ T5322] syz.0.0: attempt to access beyond end of device [ 95.262147][ T5322] loop0: rw=8388608, sector=27872, nr_sectors = 1 limit=64 [ 95.267599][ T5322] Buffer I/O error on dev loop0, logical block 27872, async page read [ 95.271133][ T5322] syz.0.0: attempt to access beyond end of device [ 95.271133][ T5322] loop0: rw=8388608, sector=27874, nr_sectors = 1 limit=64 [ 95.276598][ T5322] Buffer I/O error on dev loop0, logical block 27874, async page read [ 95.289929][ T5322] syz.0.0: attempt to access beyond end of device [ 95.289929][ T5322] loop0: rw=8388608, sector=27871, nr_sectors = 1 limit=64 [ 95.296447][ T5322] Buffer I/O error on dev loop0, logical block 27871, async page read [ 95.299918][ T5322] syz.0.0: attempt to access beyond end of device [ 95.299918][ T5322] loop0: rw=8388608, sector=27872, nr_sectors = 1 limit=64 [ 95.305668][ T5322] Buffer I/O error on dev loop0, logical block 27872, async page read [ 95.309185][ T5322] syz.0.0: attempt to access beyond end of device [ 95.309185][ T5322] loop0: rw=8388608, sector=27874, nr_sectors = 1 limit=64 [ 95.314799][ T5322] Buffer I/O error on dev loop0, logical block 27874, async page read [ 95.331840][ T5322] syz.0.0: attempt to access beyond end of device [ 95.331840][ T5322] loop0: rw=8388608, sector=27871, nr_sectors = 1 limit=64 [ 95.337597][ T5322] Buffer I/O error on dev loop0, logical block 27871, async page read [ 95.341191][ T5322] syz.0.0: attempt to access beyond end of device [ 95.341191][ T5322] loop0: rw=8388608, sector=27872, nr_sectors = 1 limit=64 [ 95.346664][ T5322] Buffer I/O error on dev loop0, logical block 27872, async page read [ 95.350341][ T5322] syz.0.0: attempt to access beyond end of device [ 95.350341][ T5322] loop0: rw=8388608, sector=27874, nr_sectors = 1 limit=64 [ 95.355974][ T5322] Buffer I/O error on dev loop0, logical block 27874, async page read [ 95.369467][ T5322] syz.0.0: attempt to access beyond end of device [ 95.369467][ T5322] loop0: rw=8388608, sector=27871, nr_sectors = 1 limit=64 [ 95.374770][ T5322] Buffer I/O error on dev loop0, logical block 27871, async page read