0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 10) 10:14:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f01ad00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:41 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0706040000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 921.121563][ T380] loop2: p1 p2 p3 p4 [ 921.125675][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 921.131753][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 921.151207][T22603] loop5: detected capacity change from 0 to 16949 [ 921.152055][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 921.163888][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 921.170205][T22598] FAULT_INJECTION: forcing a failure. [ 921.170205][T22598] name failslab, interval 1, probability 0, space 0, times 0 [ 921.183821][T22598] CPU: 0 PID: 22598 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 921.192607][T22598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 921.202740][T22598] Call Trace: [ 921.206008][T22598] dump_stack_lvl+0xd6/0x122 [ 921.210637][T22598] dump_stack+0x11/0x1b [ 921.214813][T22598] should_fail+0x23c/0x250 [ 921.219218][T22598] ? __alloc_file+0x2e/0x1a0 [ 921.223921][T22598] __should_failslab+0x81/0x90 [ 921.228691][T22598] should_failslab+0x5/0x20 [ 921.233199][T22598] kmem_cache_alloc+0x4f/0x300 [ 921.238005][T22598] __alloc_file+0x2e/0x1a0 [ 921.242468][T22598] alloc_empty_file+0xcd/0x1c0 [ 921.247252][T22598] path_openat+0x6a/0x1ec0 [ 921.251728][T22598] ? avc_has_perm_noaudit+0x1c0/0x270 [ 921.257124][T22598] ? avc_has_perm+0x70/0x160 [ 921.261698][T22598] ? avc_has_perm+0xd5/0x160 [ 921.266324][T22598] do_filp_open+0x105/0x220 [ 921.270954][T22598] do_sys_openat2+0xb5/0x2b0 [ 921.275554][T22598] ? perf_trace_sys_exit+0x6e/0x180 [ 921.280740][T22598] __x64_sys_openat+0xef/0x110 [ 921.285587][T22598] do_syscall_64+0x44/0xa0 [ 921.290099][T22598] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 921.295998][T22598] RIP: 0033:0x7fc7f63a5954 [ 921.300421][T22598] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 10:14:41 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000200ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 921.320065][T22598] RSP: 002b:00007fc7f4168ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 921.328533][T22598] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63a5954 [ 921.336492][T22598] RDX: 0000000000000002 RSI: 00007fc7f4169000 RDI: 00000000ffffff9c [ 921.344598][T22598] RBP: 00007fc7f4169000 R08: 0000000000000000 R09: ffffffffffffffff [ 921.352637][T22598] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 921.360596][T22598] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f01b200000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000300ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000400ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000500ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:42 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 11) [ 921.485783][T22616] loop5: detected capacity change from 0 to 16949 [ 921.498499][T22618] loop2: detected capacity change from 0 to 1 [ 921.562115][T22618] loop2: p1 p2 p3 p4 [ 921.567356][T22618] loop2: p1 start 10 is beyond EOD, truncated [ 921.573471][T22618] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 921.591153][T22618] loop2: p3 start 225 is beyond EOD, truncated [ 921.597347][T22618] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 921.601404][T22624] FAULT_INJECTION: forcing a failure. [ 921.601404][T22624] name failslab, interval 1, probability 0, space 0, times 0 [ 921.617233][T22624] CPU: 1 PID: 22624 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 921.626021][T22624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 921.636068][T22624] Call Trace: [ 921.639452][T22624] dump_stack_lvl+0xd6/0x122 [ 921.644046][T22624] dump_stack+0x11/0x1b [ 921.648200][T22624] should_fail+0x23c/0x250 [ 921.652644][T22624] ? security_file_alloc+0x30/0x190 [ 921.657834][T22624] __should_failslab+0x81/0x90 [ 921.662644][T22624] should_failslab+0x5/0x20 [ 921.667213][T22624] kmem_cache_alloc+0x4f/0x300 [ 921.672041][T22624] security_file_alloc+0x30/0x190 [ 921.677108][T22624] __alloc_file+0x83/0x1a0 [ 921.681546][T22624] alloc_empty_file+0xcd/0x1c0 [ 921.686351][T22624] path_openat+0x6a/0x1ec0 [ 921.690802][T22624] ? avc_has_perm_noaudit+0x1c0/0x270 [ 921.696172][T22624] ? avc_has_perm+0x70/0x160 [ 921.700804][T22624] ? avc_has_perm+0xd5/0x160 [ 921.705387][T22624] do_filp_open+0x105/0x220 [ 921.709930][T22624] do_sys_openat2+0xb5/0x2b0 [ 921.714512][T22624] ? perf_trace_sys_exit+0x6e/0x180 [ 921.719710][T22624] __x64_sys_openat+0xef/0x110 [ 921.724481][T22624] do_syscall_64+0x44/0xa0 [ 921.728957][T22624] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 921.734870][T22624] RIP: 0033:0x7fc7f63a5954 [ 921.739277][T22624] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 921.758967][T22624] RSP: 002b:00007fc7f4168ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 921.767584][T22624] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63a5954 [ 921.775654][T22624] RDX: 0000000000000002 RSI: 00007fc7f4169000 RDI: 00000000ffffff9c [ 921.783681][T22624] RBP: 00007fc7f4169000 R08: 0000000000000000 R09: ffffffffffffffff [ 921.791710][T22624] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 921.799693][T22624] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 921.854252][T22618] loop2: detected capacity change from 0 to 1 [ 921.881388][ T380] loop2: p1 p2 p3 p4 [ 921.885424][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 921.891543][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 921.899428][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 921.905613][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 921.914917][T22618] loop2: p1 p2 p3 p4 [ 921.919046][T22618] loop2: p1 start 10 is beyond EOD, truncated [ 921.925144][T22618] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 921.932877][T22618] loop2: p3 start 225 is beyond EOD, truncated [ 921.939240][T22618] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 921.947592][ T380] loop2: p1 p2 p3 p4 10:14:42 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac120000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f01c000000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000800ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:42 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 12) 10:14:42 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700050000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 921.951714][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 921.957921][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 921.965643][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 921.971822][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 922.008127][T22630] loop5: detected capacity change from 0 to 16949 [ 922.015622][T22632] FAULT_INJECTION: forcing a failure. [ 922.015622][T22632] name failslab, interval 1, probability 0, space 0, times 0 [ 922.028284][T22632] CPU: 1 PID: 22632 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 922.037132][T22632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 922.047256][T22632] Call Trace: [ 922.050595][T22632] dump_stack_lvl+0xd6/0x122 [ 922.055188][T22632] dump_stack+0x11/0x1b [ 922.059334][T22632] should_fail+0x23c/0x250 [ 922.063744][T22632] ? kzalloc+0x16/0x20 [ 922.068060][T22632] __should_failslab+0x81/0x90 [ 922.072820][T22632] should_failslab+0x5/0x20 [ 922.077316][T22632] __kmalloc+0x6f/0x350 [ 922.081479][T22632] ? _atomic_dec_and_lock+0x60/0xd0 [ 922.086706][T22632] kzalloc+0x16/0x20 [ 922.090604][T22632] alloc_workqueue+0x12f/0xad0 [ 922.095426][T22632] ? disk_unblock_events+0x35/0x40 [ 922.100535][T22632] ? bd_prepare_to_claim+0x1e6/0x270 [ 922.105889][T22632] ? loop_attr_do_show_dio+0x70/0x70 [ 922.111246][T22632] ? loop_set_status_from_info+0x35e/0x3a0 [ 922.117071][T22632] loop_configure+0x681/0xeb0 [ 922.121743][T22632] lo_ioctl+0x618/0x13e0 [ 922.126111][T22632] ? path_openat+0x18d4/0x1ec0 [ 922.130919][T22632] ? blkdev_common_ioctl+0x438/0x1110 [ 922.136284][T22632] ? selinux_file_ioctl+0x981/0xa10 [ 922.141516][T22632] ? lo_release+0x120/0x120 [ 922.146032][T22632] blkdev_ioctl+0x1d0/0x3f0 [ 922.150538][T22632] block_ioctl+0x6e/0x80 [ 922.154774][T22632] ? blkdev_iopoll+0x80/0x80 [ 922.159358][T22632] __se_sys_ioctl+0xcb/0x140 [ 922.163981][T22632] __x64_sys_ioctl+0x3f/0x50 [ 922.168566][T22632] do_syscall_64+0x44/0xa0 [ 922.172981][T22632] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 922.178881][T22632] RIP: 0033:0x7fc7f63f27f7 [ 922.183346][T22632] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.202949][T22632] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 922.211379][T22632] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 922.219344][T22632] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 922.227327][T22632] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 922.235297][T22632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 922.243264][T22632] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:42 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x2, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a001800ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f03ce00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a002600ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 922.327122][T22645] loop2: detected capacity change from 0 to 1 [ 922.340930][T22649] loop5: detected capacity change from 0 to 16949 [ 922.361642][ T380] loop2: p1 p2 p3 p4 10:14:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a007300ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 922.381659][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 922.387796][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:14:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fc0ed00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a007e00ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 922.455106][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 922.461373][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 922.486655][T22645] loop2: p1 p2 p3 p4 [ 922.490845][T22645] loop2: p1 start 10 is beyond EOD, truncated [ 922.496922][T22645] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 922.506107][T22645] loop2: p3 start 225 is beyond EOD, truncated [ 922.512310][T22645] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 922.519109][T22660] loop5: detected capacity change from 0 to 16949 [ 922.572909][T22645] loop2: detected capacity change from 0 to 1 [ 922.610691][T22645] loop2: p1 p2 p3 p4 [ 922.614725][T22645] loop2: p1 start 10 is beyond EOD, truncated [ 922.620871][T22645] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 922.628741][T22645] loop2: p3 start 225 is beyond EOD, truncated [ 922.635003][T22645] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:43 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac1c0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:43 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 13) 10:14:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a00fe00ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f01f800000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:43 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700060000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 922.691636][ T380] loop2: p1 p2 p3 p4 [ 922.695675][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 922.701772][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 922.716232][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 922.722467][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 922.736394][T22668] loop5: detected capacity change from 0 to 16949 [ 922.751017][T22663] FAULT_INJECTION: forcing a failure. [ 922.751017][T22663] name failslab, interval 1, probability 0, space 0, times 0 [ 922.763723][T22663] CPU: 1 PID: 22663 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 922.772476][T22663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 922.782522][T22663] Call Trace: [ 922.785803][T22663] dump_stack_lvl+0xd6/0x122 [ 922.790549][T22663] dump_stack+0x11/0x1b [ 922.794729][T22663] should_fail+0x23c/0x250 [ 922.799141][T22663] __should_failslab+0x81/0x90 [ 922.803962][T22663] ? alloc_workqueue+0x15d/0xad0 [ 922.808897][T22663] should_failslab+0x5/0x20 [ 922.813419][T22663] kmem_cache_alloc_trace+0x52/0x320 [ 922.818809][T22663] alloc_workqueue+0x15d/0xad0 [ 922.823640][T22663] ? disk_unblock_events+0x35/0x40 [ 922.828756][T22663] ? bd_prepare_to_claim+0x1e6/0x270 [ 922.834105][T22663] ? loop_attr_do_show_dio+0x70/0x70 [ 922.839436][T22663] ? loop_set_status_from_info+0x35e/0x3a0 [ 922.845264][T22663] loop_configure+0x681/0xeb0 [ 922.849943][T22663] lo_ioctl+0x618/0x13e0 [ 922.854188][T22663] ? path_openat+0x18d4/0x1ec0 [ 922.859000][T22663] ? blkdev_common_ioctl+0x438/0x1110 [ 922.864370][T22663] ? selinux_file_ioctl+0x981/0xa10 [ 922.869582][T22663] ? lo_release+0x120/0x120 [ 922.874113][T22663] blkdev_ioctl+0x1d0/0x3f0 [ 922.878668][T22663] block_ioctl+0x6e/0x80 [ 922.882908][T22663] ? blkdev_iopoll+0x80/0x80 [ 922.887492][T22663] __se_sys_ioctl+0xcb/0x140 [ 922.892091][T22663] __x64_sys_ioctl+0x3f/0x50 [ 922.896683][T22663] do_syscall_64+0x44/0xa0 [ 922.901123][T22663] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 922.907064][T22663] RIP: 0033:0x7fc7f63f27f7 [ 922.911499][T22663] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.931098][T22663] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 922.939697][T22663] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 922.947667][T22663] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 922.955643][T22663] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 922.964089][T22663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 922.972055][T22663] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 922.991581][T22672] loop2: detected capacity change from 0 to 1 [ 923.033114][T22672] loop2: p1 p2 p3 p4 [ 923.037217][T22672] loop2: p1 start 10 is beyond EOD, truncated [ 923.043364][T22672] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 923.051954][T22672] loop2: p3 start 225 is beyond EOD, truncated [ 923.058139][T22672] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 923.113713][T22672] loop2: detected capacity change from 0 to 1 [ 923.151294][T22672] loop2: p1 p2 p3 p4 [ 923.155378][T22672] loop2: p1 start 10 is beyond EOD, truncated 10:14:43 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x3, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000402ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffe00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:43 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 14) [ 923.161526][T22672] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:14:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000003ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0fff00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 923.187559][T22676] loop5: detected capacity change from 0 to 16949 [ 923.194383][T22672] loop2: p3 start 225 is beyond EOD, truncated [ 923.200575][T22672] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a008003ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 923.240749][T22678] FAULT_INJECTION: forcing a failure. [ 923.240749][T22678] name failslab, interval 1, probability 0, space 0, times 0 [ 923.253381][T22678] CPU: 0 PID: 22678 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 923.262185][T22678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 923.272294][T22678] Call Trace: [ 923.275580][T22678] dump_stack_lvl+0xd6/0x122 [ 923.280244][T22678] dump_stack+0x11/0x1b [ 923.284422][T22678] should_fail+0x23c/0x250 [ 923.288876][T22678] ? kzalloc+0x16/0x20 [ 923.292971][T22678] __should_failslab+0x81/0x90 [ 923.297737][T22678] should_failslab+0x5/0x20 [ 923.302239][T22678] __kmalloc+0x6f/0x350 [ 923.306420][T22678] ? number+0xa13/0xb60 [ 923.310604][T22678] kzalloc+0x16/0x20 [ 923.314505][T22678] apply_wqattrs_prepare+0x3a/0x630 [ 923.319713][T22678] ? vsnprintf+0xe8f/0xed0 [ 923.324128][T22678] apply_workqueue_attrs+0x9e/0x100 [ 923.329355][T22678] alloc_workqueue+0x777/0xad0 [ 923.334123][T22678] ? bd_prepare_to_claim+0x1e6/0x270 [ 923.339450][T22678] ? loop_attr_do_show_dio+0x70/0x70 [ 923.344732][T22678] ? loop_set_status_from_info+0x35e/0x3a0 [ 923.350596][T22678] loop_configure+0x681/0xeb0 [ 923.355274][T22678] lo_ioctl+0x618/0x13e0 [ 923.359540][T22678] ? __netif_receive_skb_list+0x2b3/0x310 [ 923.365711][T22678] ? blkdev_common_ioctl+0x438/0x1110 [ 923.371108][T22678] ? selinux_file_ioctl+0x981/0xa10 [ 923.376293][T22678] ? lo_release+0x120/0x120 [ 923.380854][T22678] blkdev_ioctl+0x1d0/0x3f0 [ 923.385350][T22678] block_ioctl+0x6e/0x80 [ 923.389633][T22678] ? blkdev_iopoll+0x80/0x80 [ 923.394276][T22678] __se_sys_ioctl+0xcb/0x140 [ 923.398860][T22678] __x64_sys_ioctl+0x3f/0x50 [ 923.403519][T22678] do_syscall_64+0x44/0xa0 [ 923.408009][T22678] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 923.414022][T22678] RIP: 0033:0x7fc7f63f27f7 [ 923.418481][T22678] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 923.438082][T22678] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 923.446472][T22678] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 923.454426][T22678] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 923.462377][T22678] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 923.470723][T22678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 923.478686][T22678] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:44 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac220000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000204ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:44 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0704060000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 923.510579][ T380] loop2: p1 p2 p3 p4 [ 923.514657][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 923.520764][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 923.545373][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 923.551581][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:44 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 15) 10:14:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000604ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 923.563740][T22696] loop5: detected capacity change from 0 to 16949 [ 923.598081][T22700] FAULT_INJECTION: forcing a failure. [ 923.598081][T22700] name failslab, interval 1, probability 0, space 0, times 0 [ 923.610730][T22700] CPU: 1 PID: 22700 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 923.619593][T22700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 923.629640][T22700] Call Trace: [ 923.632921][T22700] dump_stack_lvl+0xd6/0x122 [ 923.637554][T22700] dump_stack+0x11/0x1b [ 923.641712][T22700] should_fail+0x23c/0x250 [ 923.646221][T22700] __should_failslab+0x81/0x90 [ 923.651149][T22700] ? apply_wqattrs_prepare+0x5f/0x630 [ 923.656518][T22700] should_failslab+0x5/0x20 [ 923.661016][T22700] kmem_cache_alloc_trace+0x52/0x320 [ 923.666298][T22700] apply_wqattrs_prepare+0x5f/0x630 [ 923.671545][T22700] ? vsnprintf+0xe8f/0xed0 [ 923.675959][T22700] apply_workqueue_attrs+0x9e/0x100 [ 923.681206][T22700] alloc_workqueue+0x777/0xad0 [ 923.686116][T22700] ? disk_unblock_events+0x35/0x40 [ 923.691231][T22700] ? bd_prepare_to_claim+0x1e6/0x270 [ 923.696536][T22700] ? loop_attr_do_show_dio+0x70/0x70 [ 923.701932][T22700] ? loop_set_status_from_info+0x35e/0x3a0 [ 923.707788][T22700] loop_configure+0x681/0xeb0 [ 923.712480][T22700] lo_ioctl+0x618/0x13e0 [ 923.716799][T22700] ? path_openat+0x18d4/0x1ec0 [ 923.721704][T22700] ? blkdev_common_ioctl+0x438/0x1110 [ 923.727161][T22700] ? selinux_file_ioctl+0x981/0xa10 [ 923.732362][T22700] ? lo_release+0x120/0x120 [ 923.736959][T22700] blkdev_ioctl+0x1d0/0x3f0 [ 923.741493][T22700] block_ioctl+0x6e/0x80 [ 923.745790][T22700] ? blkdev_iopoll+0x80/0x80 [ 923.750381][T22700] __se_sys_ioctl+0xcb/0x140 [ 923.754967][T22700] __x64_sys_ioctl+0x3f/0x50 [ 923.759551][T22700] do_syscall_64+0x44/0xa0 [ 923.764062][T22700] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 923.769960][T22700] RIP: 0033:0x7fc7f63f27f7 [ 923.774482][T22700] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 923.794082][T22700] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 923.802496][T22700] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 923.810460][T22700] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 923.818451][T22700] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 923.826497][T22700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 923.834548][T22700] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:44 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x4, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:44 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac250000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000005ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffeff00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:44 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 16) 10:14:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffff03000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000406ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 924.076244][T22708] loop5: detected capacity change from 0 to 16949 [ 924.089115][T22715] loop2: detected capacity change from 0 to 1 [ 924.153244][T22712] FAULT_INJECTION: forcing a failure. [ 924.153244][T22712] name failslab, interval 1, probability 0, space 0, times 0 [ 924.165915][T22712] CPU: 1 PID: 22712 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 924.174678][T22712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 924.184782][T22712] Call Trace: [ 924.188080][T22712] dump_stack_lvl+0xd6/0x122 [ 924.192671][T22712] dump_stack+0x11/0x1b [ 924.196841][T22712] should_fail+0x23c/0x250 10:14:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000018ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 924.201749][T22712] __should_failslab+0x81/0x90 [ 924.206582][T22712] ? apply_wqattrs_prepare+0xbe/0x630 [ 924.211949][T22712] should_failslab+0x5/0x20 [ 924.216453][T22712] kmem_cache_alloc_trace+0x52/0x320 [ 924.221891][T22712] ? apply_wqattrs_prepare+0x5f/0x630 [ 924.227265][T22712] apply_wqattrs_prepare+0xbe/0x630 [ 924.232554][T22712] ? vsnprintf+0xe8f/0xed0 [ 924.237067][T22712] apply_workqueue_attrs+0x9e/0x100 [ 924.242339][T22712] alloc_workqueue+0x777/0xad0 [ 924.247119][T22712] ? disk_unblock_events+0x35/0x40 [ 924.252246][T22712] ? bd_prepare_to_claim+0x1e6/0x270 [ 924.257599][T22712] ? loop_attr_do_show_dio+0x70/0x70 [ 924.262942][T22712] ? loop_set_status_from_info+0x35e/0x3a0 [ 924.268759][T22712] loop_configure+0x681/0xeb0 [ 924.273462][T22712] lo_ioctl+0x618/0x13e0 [ 924.277703][T22712] ? path_openat+0x18d4/0x1ec0 [ 924.282523][T22712] ? blkdev_common_ioctl+0x438/0x1110 [ 924.287893][T22712] ? selinux_file_ioctl+0x981/0xa10 [ 924.293156][T22712] ? lo_release+0x120/0x120 [ 924.297653][T22712] blkdev_ioctl+0x1d0/0x3f0 [ 924.302152][T22712] block_ioctl+0x6e/0x80 [ 924.306381][T22712] ? blkdev_iopoll+0x80/0x80 [ 924.310967][T22712] __se_sys_ioctl+0xcb/0x140 [ 924.315608][T22712] __x64_sys_ioctl+0x3f/0x50 [ 924.320249][T22712] do_syscall_64+0x44/0xa0 [ 924.324668][T22712] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 924.330604][T22712] RIP: 0033:0x7fc7f63f27f7 10:14:44 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07000c0000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 924.335036][T22712] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 924.354849][T22712] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 924.363260][T22712] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 924.371230][T22712] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 924.379212][T22712] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 924.387181][T22712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 924.395241][T22712] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000020ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:45 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 17) [ 924.418416][T22715] loop2: p1 p2 p3 p4 [ 924.430376][T22727] loop5: detected capacity change from 0 to 16949 [ 924.437997][T22715] loop2: p1 start 10 is beyond EOD, truncated [ 924.444106][T22715] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:14:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000004000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 924.477881][T22715] loop2: p3 start 225 is beyond EOD, truncated [ 924.484116][T22715] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 924.534970][T22732] FAULT_INJECTION: forcing a failure. [ 924.534970][T22732] name failslab, interval 1, probability 0, space 0, times 0 [ 924.547668][T22732] CPU: 1 PID: 22732 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 924.556524][T22732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 924.566619][T22732] Call Trace: [ 924.570020][T22732] dump_stack_lvl+0xd6/0x122 [ 924.574660][T22732] dump_stack+0x11/0x1b [ 924.578917][T22732] should_fail+0x23c/0x250 [ 924.583328][T22732] __should_failslab+0x81/0x90 [ 924.588128][T22732] should_failslab+0x5/0x20 [ 924.592628][T22732] kmem_cache_alloc_node+0x61/0x2c0 [ 924.597824][T22732] ? alloc_unbound_pwq+0x3e6/0x780 [ 924.602925][T22732] alloc_unbound_pwq+0x3e6/0x780 [ 924.607901][T22732] apply_wqattrs_prepare+0x1ed/0x630 [ 924.613218][T22732] ? vsnprintf+0xe8f/0xed0 [ 924.617633][T22732] apply_workqueue_attrs+0x9e/0x100 [ 924.623051][T22732] alloc_workqueue+0x777/0xad0 [ 924.627897][T22732] ? disk_unblock_events+0x35/0x40 [ 924.633016][T22732] ? bd_prepare_to_claim+0x1e6/0x270 [ 924.638414][T22732] ? loop_attr_do_show_dio+0x70/0x70 [ 924.643702][T22732] ? loop_set_status_from_info+0x35e/0x3a0 [ 924.649595][T22732] loop_configure+0x681/0xeb0 [ 924.654318][T22732] lo_ioctl+0x618/0x13e0 [ 924.658565][T22732] ? path_openat+0x18d4/0x1ec0 [ 924.663336][T22732] ? blkdev_common_ioctl+0x438/0x1110 [ 924.668702][T22732] ? selinux_file_ioctl+0x981/0xa10 [ 924.673900][T22732] ? lo_release+0x120/0x120 [ 924.678425][T22732] blkdev_ioctl+0x1d0/0x3f0 [ 924.682918][T22732] block_ioctl+0x6e/0x80 [ 924.687224][T22732] ? blkdev_iopoll+0x80/0x80 [ 924.691862][T22732] __se_sys_ioctl+0xcb/0x140 [ 924.696457][T22732] __x64_sys_ioctl+0x3f/0x50 [ 924.701071][T22732] do_syscall_64+0x44/0xa0 [ 924.705494][T22732] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 924.711396][T22732] RIP: 0033:0x7fc7f63f27f7 [ 924.715807][T22732] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 924.735408][T22732] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 924.743835][T22732] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 924.751799][T22732] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 924.759779][T22732] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 924.767796][T22732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 924.775926][T22732] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 924.796195][T22715] loop2: detected capacity change from 0 to 1 [ 924.796231][T22735] loop5: detected capacity change from 0 to 16949 [ 924.920894][T22715] loop2: p1 p2 p3 p4 [ 924.934827][T22715] loop2: p1 start 10 is beyond EOD, truncated [ 924.941018][T22715] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 924.964532][T22715] loop2: p3 start 225 is beyond EOD, truncated 10:14:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000026ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 924.970886][T22715] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:45 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac260000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000008000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:45 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x7, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:45 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 18) 10:14:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a00003fff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:45 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0708100000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000040ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 925.031408][ T380] loop2: p1 p2 p3 p4 [ 925.035489][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 925.041724][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 925.059932][T22747] loop5: detected capacity change from 0 to 16949 [ 925.061904][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 925.072605][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 925.099374][T22746] FAULT_INJECTION: forcing a failure. [ 925.099374][T22746] name failslab, interval 1, probability 0, space 0, times 0 [ 925.112136][T22746] CPU: 1 PID: 22746 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 925.120927][T22746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 925.130980][T22746] Call Trace: [ 925.134259][T22746] dump_stack_lvl+0xd6/0x122 [ 925.138999][T22746] dump_stack+0x11/0x1b [ 925.143169][T22746] should_fail+0x23c/0x250 [ 925.147588][T22746] __should_failslab+0x81/0x90 [ 925.152348][T22746] ? kobject_uevent_env+0x1a7/0xc40 [ 925.157593][T22746] should_failslab+0x5/0x20 [ 925.162095][T22746] kmem_cache_alloc_trace+0x52/0x320 [ 925.167484][T22746] ? pwq_adjust_max_active+0x491/0x4b0 [ 925.172949][T22746] ? dev_uevent_filter+0x70/0x70 [ 925.177886][T22746] kobject_uevent_env+0x1a7/0xc40 [ 925.182923][T22746] ? __list_add_valid+0x28/0x90 [ 925.187846][T22746] ? alloc_workqueue+0xa18/0xad0 [ 925.192791][T22746] disk_force_media_change+0xe3/0x170 [ 925.198248][T22746] loop_configure+0x6c0/0xeb0 [ 925.202931][T22746] lo_ioctl+0x618/0x13e0 [ 925.207201][T22746] ? path_openat+0x18d4/0x1ec0 [ 925.211982][T22746] ? blkdev_common_ioctl+0x438/0x1110 [ 925.217694][T22746] ? selinux_file_ioctl+0x981/0xa10 [ 925.222942][T22746] ? lo_release+0x120/0x120 [ 925.227445][T22746] blkdev_ioctl+0x1d0/0x3f0 [ 925.231988][T22746] block_ioctl+0x6e/0x80 [ 925.236301][T22746] ? blkdev_iopoll+0x80/0x80 [ 925.241155][T22746] __se_sys_ioctl+0xcb/0x140 [ 925.246282][T22746] __x64_sys_ioctl+0x3f/0x50 [ 925.250890][T22746] do_syscall_64+0x44/0xa0 [ 925.255326][T22746] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 925.261296][T22746] RIP: 0033:0x7fc7f63f27f7 [ 925.265732][T22746] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 925.285336][T22746] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:14:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000c000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000073ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a00007eff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 925.293743][T22746] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 925.301802][T22746] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 925.309804][T22746] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 925.317761][T22746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 925.325773][T22746] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000380ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 925.392825][T22759] loop5: detected capacity change from 0 to 16949 [ 925.407248][T22762] loop2: detected capacity change from 0 to 1 10:14:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffff1f000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 925.470981][T22762] loop2: p1 p2 p3 p4 [ 925.476135][T22762] loop2: p1 start 10 is beyond EOD, truncated [ 925.482313][T22762] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 925.523127][T22770] loop5: detected capacity change from 0 to 16949 [ 925.543757][T22762] loop2: p3 start 225 is beyond EOD, truncated [ 925.549945][T22762] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 925.623102][T22762] loop2: detected capacity change from 0 to 1 [ 925.660966][T22762] loop2: p1 p2 p3 p4 [ 925.665066][T22762] loop2: p1 start 10 is beyond EOD, truncated [ 925.671163][T22762] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 925.688801][T22762] loop2: p3 start 225 is beyond EOD, truncated [ 925.695145][T22762] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:46 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac2e0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:46 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 19) [ 925.751489][ T380] loop2: p1 p2 p3 p4 [ 925.755581][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 925.761679][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 925.769440][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 925.775634][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 925.780641][T22774] FAULT_INJECTION: forcing a failure. [ 925.780641][T22774] name failslab, interval 1, probability 0, space 0, times 0 [ 925.795548][T22774] CPU: 0 PID: 22774 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 925.804430][T22774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 925.814462][T22774] Call Trace: [ 925.817722][T22774] dump_stack_lvl+0xd6/0x122 [ 925.822304][T22774] dump_stack+0x11/0x1b [ 925.826450][T22774] should_fail+0x23c/0x250 [ 925.830922][T22774] ? kzalloc+0x1d/0x30 [ 925.834969][T22774] __should_failslab+0x81/0x90 [ 925.839710][T22774] should_failslab+0x5/0x20 [ 925.844193][T22774] __kmalloc+0x6f/0x350 [ 925.848381][T22774] ? kobject_uevent_env+0x1a7/0xc40 [ 925.853557][T22774] kzalloc+0x1d/0x30 [ 925.857436][T22774] kobject_get_path+0x7c/0x110 [ 925.862178][T22774] kobject_uevent_env+0x1be/0xc40 [ 925.867223][T22774] ? __list_add_valid+0x28/0x90 [ 925.872051][T22774] ? alloc_workqueue+0xa18/0xad0 [ 925.877006][T22774] disk_force_media_change+0xe3/0x170 [ 925.882541][T22774] loop_configure+0x6c0/0xeb0 [ 925.887215][T22774] lo_ioctl+0x618/0x13e0 [ 925.891496][T22774] ? path_openat+0x18d4/0x1ec0 [ 925.896262][T22774] ? blkdev_common_ioctl+0x438/0x1110 10:14:46 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x8, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a00fffeff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffffe0000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:46 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700200000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a00feffff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 925.901664][T22774] ? selinux_file_ioctl+0x981/0xa10 [ 925.906930][T22774] ? lo_release+0x120/0x120 [ 925.911422][T22774] blkdev_ioctl+0x1d0/0x3f0 [ 925.915925][T22774] block_ioctl+0x6e/0x80 [ 925.920156][T22774] ? blkdev_iopoll+0x80/0x80 [ 925.924745][T22774] __se_sys_ioctl+0xcb/0x140 [ 925.929786][T22774] __x64_sys_ioctl+0x3f/0x50 [ 925.934378][T22774] do_syscall_64+0x44/0xa0 [ 925.938867][T22774] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 925.944773][T22774] RIP: 0033:0x7fc7f63f27f7 10:14:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000002ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000003ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 925.949176][T22774] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 925.968855][T22774] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 925.977531][T22774] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 925.985505][T22774] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 925.993498][T22774] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff 10:14:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000004ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 926.001469][T22774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 926.009449][T22774] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 926.019809][T22786] loop5: detected capacity change from 0 to 16949 [ 926.026695][T22777] loop2: detected capacity change from 0 to 1 10:14:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000010000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:46 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 20) [ 926.076261][T22777] loop2: p1 p2 p3 p4 [ 926.080352][T22777] loop2: p1 start 10 is beyond EOD, truncated [ 926.086530][T22777] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 926.137861][T22777] loop2: p3 start 225 is beyond EOD, truncated [ 926.144082][T22777] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 926.160311][T22801] loop5: detected capacity change from 0 to 16949 [ 926.176602][T22798] FAULT_INJECTION: forcing a failure. [ 926.176602][T22798] name failslab, interval 1, probability 0, space 0, times 0 [ 926.189332][T22798] CPU: 0 PID: 22798 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 926.198121][T22798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.208235][T22798] Call Trace: [ 926.211512][T22798] dump_stack_lvl+0xd6/0x122 [ 926.216103][T22798] dump_stack+0x11/0x1b [ 926.220344][T22798] should_fail+0x23c/0x250 [ 926.224752][T22798] __should_failslab+0x81/0x90 [ 926.229515][T22798] should_failslab+0x5/0x20 [ 926.234177][T22798] kmem_cache_alloc_node+0x61/0x2c0 [ 926.239426][T22798] ? __alloc_skb+0xed/0x420 [ 926.243929][T22798] __alloc_skb+0xed/0x420 [ 926.248270][T22798] alloc_uevent_skb+0x5b/0x120 [ 926.253037][T22798] kobject_uevent_env+0x863/0xc40 [ 926.258197][T22798] disk_force_media_change+0xe3/0x170 [ 926.263592][T22798] loop_configure+0x6c0/0xeb0 [ 926.268389][T22798] lo_ioctl+0x618/0x13e0 [ 926.272683][T22798] ? path_openat+0x18d4/0x1ec0 [ 926.277453][T22798] ? blkdev_common_ioctl+0x438/0x1110 [ 926.283236][T22798] ? selinux_file_ioctl+0x981/0xa10 [ 926.288475][T22798] ? lo_release+0x120/0x120 [ 926.293010][T22798] blkdev_ioctl+0x1d0/0x3f0 [ 926.297516][T22798] block_ioctl+0x6e/0x80 [ 926.301815][T22798] ? blkdev_iopoll+0x80/0x80 [ 926.306522][T22798] __se_sys_ioctl+0xcb/0x140 [ 926.311201][T22798] __x64_sys_ioctl+0x3f/0x50 [ 926.315791][T22798] do_syscall_64+0x44/0xa0 [ 926.320208][T22798] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 926.326110][T22798] RIP: 0033:0x7fc7f63f27f7 [ 926.330606][T22798] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 926.350292][T22798] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 926.358724][T22798] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 926.366694][T22798] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 926.374712][T22798] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 926.382685][T22798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 926.390653][T22798] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 926.490589][T22801] EXT4-fs (loop5): failed to initialize system zone (-117) [ 926.505848][T22801] EXT4-fs (loop5): mount failed [ 926.532645][T22777] loop2: detected capacity change from 0 to 1 [ 926.564456][ T380] loop2: p1 p2 p3 p4 [ 926.568593][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 926.574696][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 926.588842][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 926.595017][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 926.605425][ T380] loop2: p1 p2 p3 p4 [ 926.609478][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 926.615564][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 926.623383][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 926.629546][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 926.638023][T22777] loop2: p1 p2 p3 p4 [ 926.642584][T22777] loop2: p1 start 10 is beyond EOD, truncated [ 926.648642][T22777] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 926.656146][T22777] loop2: p3 start 225 is beyond EOD, truncated [ 926.662320][T22777] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:47 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac480000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000005ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:47 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x10, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:47 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000020000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:47 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 21) 10:14:47 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700260000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000008ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 926.721433][ T380] loop2: p1 p2 p3 p4 [ 926.725608][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 926.731703][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 926.739741][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 926.745974][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 926.809638][T22814] loop5: detected capacity change from 0 to 16949 [ 926.828744][T22818] loop2: detected capacity change from 0 to 1 [ 926.838747][T22814] EXT4-fs (loop5): failed to initialize system zone (-117) [ 926.839145][T22810] FAULT_INJECTION: forcing a failure. [ 926.839145][T22810] name failslab, interval 1, probability 0, space 0, times 0 [ 926.851790][T22814] EXT4-fs (loop5): mount failed [ 926.858613][T22810] CPU: 1 PID: 22810 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 926.873041][T22810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.883091][T22810] Call Trace: [ 926.886364][T22810] dump_stack_lvl+0xd6/0x122 [ 926.890956][T22810] dump_stack+0x11/0x1b [ 926.895152][T22810] should_fail+0x23c/0x250 [ 926.899630][T22810] __should_failslab+0x81/0x90 [ 926.904403][T22810] should_failslab+0x5/0x20 [ 926.909016][T22810] kmem_cache_alloc_node_trace+0x61/0x2e0 [ 926.914737][T22810] ? __kmalloc_node_track_caller+0x30/0x40 [ 926.920542][T22810] __kmalloc_node_track_caller+0x30/0x40 [ 926.926254][T22810] ? alloc_uevent_skb+0x5b/0x120 [ 926.931404][T22810] __alloc_skb+0x187/0x420 [ 926.935898][T22810] alloc_uevent_skb+0x5b/0x120 [ 926.940702][T22810] kobject_uevent_env+0x863/0xc40 [ 926.945809][T22810] disk_force_media_change+0xe3/0x170 [ 926.951183][T22810] loop_configure+0x6c0/0xeb0 [ 926.955929][T22810] lo_ioctl+0x618/0x13e0 [ 926.960172][T22810] ? path_openat+0x18d4/0x1ec0 [ 926.964966][T22810] ? blkdev_common_ioctl+0x438/0x1110 [ 926.970338][T22810] ? selinux_file_ioctl+0x981/0xa10 [ 926.975539][T22810] ? lo_release+0x120/0x120 [ 926.980111][T22810] blkdev_ioctl+0x1d0/0x3f0 [ 926.984686][T22810] block_ioctl+0x6e/0x80 [ 926.989012][T22810] ? blkdev_iopoll+0x80/0x80 [ 926.993678][T22810] __se_sys_ioctl+0xcb/0x140 [ 926.998283][T22810] __x64_sys_ioctl+0x3f/0x50 [ 927.002868][T22810] do_syscall_64+0x44/0xa0 [ 927.007313][T22810] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 927.013211][T22810] RIP: 0033:0x7fc7f63f27f7 [ 927.017620][T22810] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 927.037518][T22810] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 927.045945][T22810] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 10:14:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000018ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 927.053912][T22810] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 927.061925][T22810] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 927.069930][T22810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 927.077998][T22810] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 927.121321][T22818] loop2: p1 p2 p3 p4 [ 927.125736][T22818] loop2: p1 start 10 is beyond EOD, truncated [ 927.131826][T22818] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 927.160753][T22818] loop2: p3 start 225 is beyond EOD, truncated 10:14:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000026ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:47 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000004020000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:47 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 22) [ 927.166937][T22818] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000073ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 927.195859][T22827] loop5: detected capacity change from 0 to 16949 [ 927.230807][T22827] EXT4-fs (loop5): failed to initialize system zone (-117) [ 927.243416][T22818] loop2: detected capacity change from 0 to 1 [ 927.245393][T22827] EXT4-fs (loop5): mount failed [ 927.270903][T22818] loop2: p1 p2 p3 p4 [ 927.275095][T22818] loop2: p1 start 10 is beyond EOD, truncated [ 927.281249][T22818] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 927.304804][T22818] loop2: p3 start 225 is beyond EOD, truncated [ 927.311067][T22818] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 927.331840][T22834] FAULT_INJECTION: forcing a failure. [ 927.331840][T22834] name failslab, interval 1, probability 0, space 0, times 0 [ 927.344510][T22834] CPU: 0 PID: 22834 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 927.353269][T22834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 927.363344][T22834] Call Trace: [ 927.366618][T22834] dump_stack_lvl+0xd6/0x122 [ 927.371211][T22834] dump_stack+0x11/0x1b [ 927.375375][T22834] should_fail+0x23c/0x250 [ 927.379805][T22834] ? skb_clone+0x12c/0x1f0 [ 927.384228][T22834] __should_failslab+0x81/0x90 [ 927.389132][T22834] should_failslab+0x5/0x20 [ 927.393645][T22834] kmem_cache_alloc+0x4f/0x300 [ 927.398460][T22834] skb_clone+0x12c/0x1f0 [ 927.402703][T22834] netlink_broadcast_filtered+0x4fd/0xb60 [ 927.408433][T22834] ? skb_put+0xb9/0xf0 [ 927.412503][T22834] netlink_broadcast+0x35/0x50 [ 927.417268][T22834] kobject_uevent_env+0x8c9/0xc40 [ 927.422311][T22834] disk_force_media_change+0xe3/0x170 [ 927.427690][T22834] loop_configure+0x6c0/0xeb0 [ 927.432364][T22834] lo_ioctl+0x618/0x13e0 [ 927.436652][T22834] ? path_openat+0x18d4/0x1ec0 [ 927.441574][T22834] ? blkdev_common_ioctl+0x438/0x1110 [ 927.446940][T22834] ? selinux_file_ioctl+0x981/0xa10 [ 927.452211][T22834] ? lo_release+0x120/0x120 [ 927.456726][T22834] blkdev_ioctl+0x1d0/0x3f0 [ 927.461299][T22834] block_ioctl+0x6e/0x80 [ 927.465541][T22834] ? blkdev_iopoll+0x80/0x80 [ 927.470127][T22834] __se_sys_ioctl+0xcb/0x140 [ 927.474735][T22834] __x64_sys_ioctl+0x3f/0x50 [ 927.479369][T22834] do_syscall_64+0x44/0xa0 [ 927.483782][T22834] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 927.489681][T22834] RIP: 0033:0x7fc7f63f27f7 [ 927.494091][T22834] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 927.513696][T22834] RSP: 002b:00007fc7f4147f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 927.522215][T22834] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 927.530193][T22834] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 927.538333][T22834] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 927.546308][T22834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 10:14:48 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac4a0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a00007eff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 927.554317][T22834] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:48 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07003f0000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:48 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000030000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a0000feff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:48 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x300, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:48 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 23) [ 927.613099][ T380] loop2: p1 p2 p3 p4 [ 927.617158][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 927.623267][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 927.632092][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 927.638281][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 927.674766][T22841] loop5: detected capacity change from 0 to 16949 [ 927.699741][T22841] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 927.709935][T22841] EXT4-fs (loop5): group descriptors corrupted! [ 927.717158][T22839] loop2: detected capacity change from 0 to 1 [ 927.723660][T22851] FAULT_INJECTION: forcing a failure. [ 927.723660][T22851] name failslab, interval 1, probability 0, space 0, times 0 [ 927.736275][T22851] CPU: 1 PID: 22851 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 927.745048][T22851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 927.755136][T22851] Call Trace: [ 927.758437][T22851] dump_stack_lvl+0xd6/0x122 [ 927.763088][T22851] dump_stack+0x11/0x1b [ 927.767264][T22851] should_fail+0x23c/0x250 [ 927.771731][T22851] ? __kernfs_new_node+0x6a/0x330 [ 927.776756][T22851] __should_failslab+0x81/0x90 [ 927.781584][T22851] should_failslab+0x5/0x20 [ 927.786085][T22851] kmem_cache_alloc+0x4f/0x300 [ 927.790855][T22851] ? __kfree_skb+0xfe/0x150 [ 927.795384][T22851] ? ___cache_free+0x3c/0x300 [ 927.800053][T22851] __kernfs_new_node+0x6a/0x330 [ 927.804939][T22851] ? ___cache_free+0x3c/0x300 [ 927.809616][T22851] ? kmem_cache_free+0x5e/0xe0 [ 927.814449][T22851] kernfs_create_dir_ns+0x5e/0x140 [ 927.819567][T22851] internal_create_group+0x148/0x860 [ 927.825016][T22851] ? __invalidate_device+0xb0/0xc0 [ 927.830137][T22851] ? set_disk_ro+0x73/0x110 [ 927.834701][T22851] sysfs_create_group+0x1b/0x20 [ 927.839549][T22851] loop_configure+0xbcd/0xeb0 [ 927.844278][T22851] lo_ioctl+0x618/0x13e0 [ 927.848522][T22851] ? path_openat+0x18d4/0x1ec0 [ 927.853357][T22851] ? blkdev_common_ioctl+0x438/0x1110 [ 927.858730][T22851] ? selinux_file_ioctl+0x981/0xa10 [ 927.863969][T22851] ? lo_release+0x120/0x120 [ 927.868470][T22851] blkdev_ioctl+0x1d0/0x3f0 [ 927.872971][T22851] block_ioctl+0x6e/0x80 [ 927.877231][T22851] ? blkdev_iopoll+0x80/0x80 [ 927.881828][T22851] __se_sys_ioctl+0xcb/0x140 [ 927.886415][T22851] __x64_sys_ioctl+0x3f/0x50 [ 927.891045][T22851] do_syscall_64+0x44/0xa0 [ 927.895465][T22851] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 927.901380][T22851] RIP: 0033:0x7fc7f63f27f7 [ 927.905910][T22851] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 10:14:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff05ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 927.925747][T22851] RSP: 002b:00007fc7f4147f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 927.934166][T22851] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 927.942302][T22851] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 927.950287][T22851] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 927.958255][T22851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 927.966217][T22851] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:48 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 24) [ 927.981187][ T380] loop2: p1 p2 p3 p4 [ 927.990806][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 927.996890][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:14:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac020000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:48 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000040000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 928.036890][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 928.043111][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 928.064901][T22839] loop2: p1 p2 p3 p4 [ 928.069059][T22839] loop2: p1 start 10 is beyond EOD, truncated [ 928.075202][T22839] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:14:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac030000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 928.092844][T22863] loop5: detected capacity change from 0 to 16949 [ 928.114567][T22839] loop2: p3 start 225 is beyond EOD, truncated [ 928.120795][T22839] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 928.128114][T22863] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 928.138369][T22863] EXT4-fs (loop5): group descriptors corrupted! [ 928.146292][T22859] FAULT_INJECTION: forcing a failure. [ 928.146292][T22859] name failslab, interval 1, probability 0, space 0, times 0 [ 928.149956][ T380] loop2: p1 p2 p3 p4 [ 928.159004][T22859] CPU: 1 PID: 22859 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 928.163164][ T380] loop2: p1 start 10 is beyond EOD, [ 928.171714][T22859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 928.171727][T22859] Call Trace: [ 928.171734][T22859] dump_stack_lvl+0xd6/0x122 [ 928.176998][ T380] truncated [ 928.177005][ T380] loop2: p2 size 1073872896 extends beyond EOD, [ 928.187134][T22859] dump_stack+0x11/0x1b [ 928.190412][ T380] truncated [ 928.191667][ T380] loop2: p3 start 225 is beyond EOD, [ 928.194982][T22859] should_fail+0x23c/0x250 [ 928.198086][ T380] truncated [ 928.198091][ T380] loop2: p4 size 3657465856 extends beyond EOD, [ 928.204382][T22859] ? __kernfs_new_node+0x6a/0x330 [ 928.204413][T22859] __should_failslab+0x81/0x90 [ 928.208534][ T380] truncated [ 928.243647][T22859] should_failslab+0x5/0x20 [ 928.248158][T22859] kmem_cache_alloc+0x4f/0x300 [ 928.252921][T22859] __kernfs_new_node+0x6a/0x330 [ 928.257911][T22859] ? __down_write_common+0x42/0x830 [ 928.263146][T22859] ? idr_alloc_cyclic+0x26b/0x2f0 [ 928.268170][T22859] ? __down_write_common+0x42/0x830 [ 928.273362][T22859] ? rb_insert_color+0x7e/0x310 [ 928.278277][T22859] kernfs_new_node+0x5b/0xd0 [ 928.282871][T22859] __kernfs_create_file+0x45/0x1a0 [ 928.288046][T22859] sysfs_add_file_mode_ns+0x1c1/0x250 [ 928.293464][T22859] internal_create_group+0x2f4/0x860 [ 928.298753][T22859] ? set_disk_ro+0x73/0x110 [ 928.303256][T22859] sysfs_create_group+0x1b/0x20 [ 928.308152][T22859] loop_configure+0xbcd/0xeb0 [ 928.312875][T22859] lo_ioctl+0x618/0x13e0 [ 928.317118][T22859] ? path_openat+0x18d4/0x1ec0 [ 928.321898][T22859] ? blkdev_common_ioctl+0x438/0x1110 [ 928.327300][T22859] ? selinux_file_ioctl+0x981/0xa10 [ 928.332500][T22859] ? lo_release+0x120/0x120 [ 928.337037][T22859] blkdev_ioctl+0x1d0/0x3f0 [ 928.341625][T22859] block_ioctl+0x6e/0x80 [ 928.345875][T22859] ? blkdev_iopoll+0x80/0x80 [ 928.350446][T22859] __se_sys_ioctl+0xcb/0x140 [ 928.355038][T22859] __x64_sys_ioctl+0x3f/0x50 [ 928.359719][T22859] do_syscall_64+0x44/0xa0 [ 928.364123][T22859] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 928.370005][T22859] RIP: 0033:0x7fc7f63f27f7 [ 928.374427][T22859] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 928.394214][T22859] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 928.402643][T22859] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 928.410598][T22859] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 928.418619][T22859] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 928.426573][T22859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 928.434537][T22859] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:49 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac4c0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac040000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:49 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700400000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:49 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 25) 10:14:49 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000050000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:49 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x700, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac050000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 928.545646][T22874] loop2: detected capacity change from 0 to 1 [ 928.561463][T22878] loop5: detected capacity change from 0 to 16949 [ 928.575784][T22878] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 928.580362][T22873] FAULT_INJECTION: forcing a failure. [ 928.580362][T22873] name failslab, interval 1, probability 0, space 0, times 0 [ 928.585913][T22878] EXT4-fs (loop5): group descriptors corrupted! [ 928.598482][T22873] CPU: 1 PID: 22873 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 928.613479][T22873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 928.623645][T22873] Call Trace: [ 928.626921][T22873] dump_stack_lvl+0xd6/0x122 [ 928.631520][T22873] dump_stack+0x11/0x1b [ 928.635671][T22873] should_fail+0x23c/0x250 [ 928.640084][T22873] ? __kernfs_new_node+0x6a/0x330 [ 928.645234][T22873] __should_failslab+0x81/0x90 [ 928.650039][T22873] should_failslab+0x5/0x20 [ 928.654561][T22873] kmem_cache_alloc+0x4f/0x300 [ 928.659337][T22873] ? __down_write_common+0x42/0x830 [ 928.664589][T22873] __kernfs_new_node+0x6a/0x330 [ 928.669446][T22873] ? up_write+0x25/0xc0 [ 928.673598][T22873] kernfs_new_node+0x5b/0xd0 [ 928.678189][T22873] __kernfs_create_file+0x45/0x1a0 [ 928.683299][T22873] sysfs_add_file_mode_ns+0x1c1/0x250 [ 928.688792][T22873] internal_create_group+0x2f4/0x860 [ 928.694104][T22873] ? set_disk_ro+0x73/0x110 [ 928.698649][T22873] sysfs_create_group+0x1b/0x20 [ 928.703498][T22873] loop_configure+0xbcd/0xeb0 [ 928.708244][T22873] lo_ioctl+0x618/0x13e0 [ 928.712490][T22873] ? path_openat+0x18d4/0x1ec0 [ 928.717262][T22873] ? blkdev_common_ioctl+0x438/0x1110 [ 928.722852][T22873] ? selinux_file_ioctl+0x981/0xa10 [ 928.728111][T22873] ? lo_release+0x120/0x120 [ 928.732631][T22873] blkdev_ioctl+0x1d0/0x3f0 [ 928.737133][T22873] block_ioctl+0x6e/0x80 [ 928.741440][T22873] ? blkdev_iopoll+0x80/0x80 [ 928.746044][T22873] __se_sys_ioctl+0xcb/0x140 [ 928.750699][T22873] __x64_sys_ioctl+0x3f/0x50 [ 928.755287][T22873] do_syscall_64+0x44/0xa0 [ 928.759794][T22873] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 928.765704][T22873] RIP: 0033:0x7fc7f63f27f7 [ 928.770150][T22873] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 10:14:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac080000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 928.789796][T22873] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 928.798253][T22873] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 928.806220][T22873] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 928.814190][T22873] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 928.822174][T22873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 928.830145][T22873] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac180000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:49 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000060000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 928.853065][T22874] loop2: p1 p2 p3 p4 [ 928.869450][T22874] loop2: p1 start 10 is beyond EOD, truncated [ 928.875564][T22874] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:14:49 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 26) 10:14:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac260000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 928.910324][T22874] loop2: p3 start 225 is beyond EOD, truncated [ 928.916562][T22874] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 928.933024][T22889] loop5: detected capacity change from 0 to 16949 [ 928.965248][T22874] loop2: detected capacity change from 0 to 1 [ 928.973916][T22889] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 928.984025][T22889] EXT4-fs (loop5): group descriptors corrupted! [ 929.003429][T22894] FAULT_INJECTION: forcing a failure. [ 929.003429][T22894] name failslab, interval 1, probability 0, space 0, times 0 [ 929.016055][T22894] CPU: 1 PID: 22894 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 929.024823][T22894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 929.034878][T22894] Call Trace: [ 929.038149][T22894] dump_stack_lvl+0xd6/0x122 [ 929.042748][T22894] dump_stack+0x11/0x1b [ 929.046900][T22894] should_fail+0x23c/0x250 [ 929.051304][T22894] ? __kernfs_new_node+0x6a/0x330 [ 929.056460][T22894] __should_failslab+0x81/0x90 [ 929.061297][T22894] should_failslab+0x5/0x20 [ 929.065853][T22894] kmem_cache_alloc+0x4f/0x300 [ 929.070613][T22894] ? __down_write_common+0x42/0x830 [ 929.075910][T22894] __kernfs_new_node+0x6a/0x330 [ 929.080760][T22894] ? up_write+0x25/0xc0 [ 929.084934][T22894] kernfs_new_node+0x5b/0xd0 [ 929.089562][T22894] __kernfs_create_file+0x45/0x1a0 [ 929.094669][T22894] sysfs_add_file_mode_ns+0x1c1/0x250 [ 929.100102][T22894] internal_create_group+0x2f4/0x860 [ 929.105419][T22894] ? set_disk_ro+0x73/0x110 [ 929.109943][T22894] sysfs_create_group+0x1b/0x20 [ 929.114805][T22894] loop_configure+0xbcd/0xeb0 [ 929.119493][T22894] lo_ioctl+0x618/0x13e0 [ 929.123798][T22894] ? path_openat+0x18d4/0x1ec0 [ 929.128567][T22894] ? blkdev_common_ioctl+0x438/0x1110 [ 929.133959][T22894] ? selinux_file_ioctl+0x981/0xa10 [ 929.139222][T22894] ? lo_release+0x120/0x120 [ 929.143778][T22894] blkdev_ioctl+0x1d0/0x3f0 [ 929.148348][T22894] block_ioctl+0x6e/0x80 [ 929.152602][T22894] ? blkdev_iopoll+0x80/0x80 [ 929.157206][T22894] __se_sys_ioctl+0xcb/0x140 [ 929.161808][T22894] __x64_sys_ioctl+0x3f/0x50 [ 929.167089][T22894] do_syscall_64+0x44/0xa0 [ 929.171508][T22894] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 929.177406][T22894] RIP: 0033:0x7fc7f63f27f7 [ 929.181815][T22894] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 929.201421][T22894] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 929.209834][T22894] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 929.214550][ T380] loop2: p1 p2 p3 p4 [ 929.217808][T22894] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 929.217823][T22894] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 929.217837][T22894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 929.224204][ T380] loop2: p1 start 10 is beyond EOD, [ 929.229845][T22894] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 929.237811][ T380] truncated [ 929.262090][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 929.269661][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 929.275890][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 929.290898][T22874] loop2: p1 p2 p3 p4 [ 929.296500][T22874] loop2: p1 start 10 is beyond EOD, truncated [ 929.302738][T22874] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 929.317419][T22874] loop2: p3 start 225 is beyond EOD, truncated [ 929.323626][T22874] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:49 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac600000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac730000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:49 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 27) 10:14:49 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000004060000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:49 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700710000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 929.382137][ T380] loop2: p1 p2 p3 p4 [ 929.386270][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 929.392379][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 929.416178][T22904] loop5: detected capacity change from 0 to 16949 [ 929.422870][ T380] loop2: p3 start 225 is beyond EOD, truncated 10:14:50 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0xec0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac7e0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 929.429065][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 929.442226][T22904] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 929.452363][T22904] EXT4-fs (loop5): group descriptors corrupted! [ 929.464413][T22909] FAULT_INJECTION: forcing a failure. [ 929.464413][T22909] name failslab, interval 1, probability 0, space 0, times 0 [ 929.477040][T22909] CPU: 1 PID: 22909 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 929.485798][T22909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 929.495883][T22909] Call Trace: [ 929.499155][T22909] dump_stack_lvl+0xd6/0x122 [ 929.503741][T22909] dump_stack+0x11/0x1b [ 929.507895][T22909] should_fail+0x23c/0x250 [ 929.512327][T22909] ? __kernfs_new_node+0x6a/0x330 [ 929.517351][T22909] __should_failslab+0x81/0x90 [ 929.522118][T22909] should_failslab+0x5/0x20 [ 929.526621][T22909] kmem_cache_alloc+0x4f/0x300 [ 929.531384][T22909] ? __down_write_common+0x42/0x830 [ 929.536579][T22909] __kernfs_new_node+0x6a/0x330 [ 929.541437][T22909] ? up_write+0x25/0xc0 [ 929.545606][T22909] kernfs_new_node+0x5b/0xd0 [ 929.550261][T22909] __kernfs_create_file+0x45/0x1a0 [ 929.555373][T22909] sysfs_add_file_mode_ns+0x1c1/0x250 [ 929.560787][T22909] internal_create_group+0x2f4/0x860 [ 929.566128][T22909] ? set_disk_ro+0x73/0x110 [ 929.570633][T22909] sysfs_create_group+0x1b/0x20 [ 929.575499][T22909] loop_configure+0xbcd/0xeb0 [ 929.580216][T22909] lo_ioctl+0x618/0x13e0 [ 929.584451][T22909] ? path_openat+0x18d4/0x1ec0 [ 929.590097][T22909] ? blkdev_common_ioctl+0x438/0x1110 [ 929.595469][T22909] ? selinux_file_ioctl+0x981/0xa10 [ 929.600683][T22909] ? lo_release+0x120/0x120 [ 929.605245][T22909] blkdev_ioctl+0x1d0/0x3f0 [ 929.609785][T22909] block_ioctl+0x6e/0x80 [ 929.614019][T22909] ? blkdev_iopoll+0x80/0x80 [ 929.618609][T22909] __se_sys_ioctl+0xcb/0x140 [ 929.623205][T22909] __x64_sys_ioctl+0x3f/0x50 [ 929.627793][T22909] do_syscall_64+0x44/0xa0 [ 929.632218][T22909] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 929.638116][T22909] RIP: 0033:0x7fc7f63f27f7 [ 929.642587][T22909] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 929.662194][T22909] RSP: 002b:00007fc7f4147f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 929.670666][T22909] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 10:14:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45acfe0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac040200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac800300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac020400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 929.678698][T22909] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 929.686667][T22909] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 929.694646][T22909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 929.702618][T22909] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 929.869076][T22925] loop2: detected capacity change from 0 to 1 [ 929.910875][T22925] loop2: p1 p2 p3 p4 [ 929.914978][T22925] loop2: p1 start 10 is beyond EOD, truncated [ 929.921134][T22925] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 929.938556][T22925] loop2: p3 start 225 is beyond EOD, truncated [ 929.944796][T22925] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 930.002870][T22925] loop2: detected capacity change from 0 to 1 [ 930.031303][T22925] loop2: p1 p2 p3 p4 [ 930.035430][T22925] loop2: p1 start 10 is beyond EOD, truncated [ 930.041526][T22925] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 930.049376][T22925] loop2: p3 start 225 is beyond EOD, truncated [ 930.055624][T22925] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:50 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac680000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac060400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:50 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000070000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:50 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 28) 10:14:50 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07007e0000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 930.136601][ T380] loop2: p1 p2 p3 p4 [ 930.142934][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 930.149009][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 930.157674][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 930.163935][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 930.181064][T22931] loop5: detected capacity change from 0 to 16949 [ 930.193162][T22931] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 930.203556][T22931] EXT4-fs (loop5): group descriptors corrupted! [ 930.223806][T22936] FAULT_INJECTION: forcing a failure. [ 930.223806][T22936] name failslab, interval 1, probability 0, space 0, times 0 [ 930.236556][T22936] CPU: 0 PID: 22936 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 930.245353][T22936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 930.255546][T22936] Call Trace: [ 930.258822][T22936] dump_stack_lvl+0xd6/0x122 [ 930.263507][T22936] dump_stack+0x11/0x1b [ 930.267949][T22936] should_fail+0x23c/0x250 [ 930.272360][T22936] ? __kernfs_new_node+0x6a/0x330 [ 930.277528][T22936] __should_failslab+0x81/0x90 [ 930.282411][T22936] should_failslab+0x5/0x20 [ 930.286926][T22936] kmem_cache_alloc+0x4f/0x300 [ 930.291688][T22936] ? __down_write_common+0x7bd/0x830 [ 930.296977][T22936] __kernfs_new_node+0x6a/0x330 [ 930.301827][T22936] ? up_write+0x25/0xc0 [ 930.306033][T22936] kernfs_new_node+0x5b/0xd0 [ 930.310636][T22936] __kernfs_create_file+0x45/0x1a0 [ 930.315732][T22936] sysfs_add_file_mode_ns+0x1c1/0x250 [ 930.321133][T22936] internal_create_group+0x2f4/0x860 [ 930.326441][T22936] ? set_disk_ro+0x73/0x110 [ 930.330943][T22936] sysfs_create_group+0x1b/0x20 [ 930.335827][T22936] loop_configure+0xbcd/0xeb0 [ 930.340510][T22936] lo_ioctl+0x618/0x13e0 [ 930.344801][T22936] ? path_openat+0x18d4/0x1ec0 [ 930.349674][T22936] ? blkdev_common_ioctl+0x438/0x1110 [ 930.355049][T22936] ? selinux_file_ioctl+0x981/0xa10 [ 930.360242][T22936] ? lo_release+0x120/0x120 [ 930.364782][T22936] blkdev_ioctl+0x1d0/0x3f0 [ 930.369402][T22936] block_ioctl+0x6e/0x80 [ 930.373677][T22936] ? blkdev_iopoll+0x80/0x80 [ 930.378264][T22936] __se_sys_ioctl+0xcb/0x140 [ 930.382861][T22936] __x64_sys_ioctl+0x3f/0x50 [ 930.387575][T22936] do_syscall_64+0x44/0xa0 [ 930.392004][T22936] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 930.397993][T22936] RIP: 0033:0x7fc7f63f27f7 [ 930.402399][T22936] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 930.422021][T22936] RSP: 002b:00007fc7f4147f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:14:51 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x2000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000500000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 930.430467][T22936] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 930.438437][T22936] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 930.446405][T22936] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 930.454524][T22936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 930.462604][T22936] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac040600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000080000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 930.497743][T22942] loop2: detected capacity change from 0 to 1 10:14:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac001800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 930.539996][T22946] loop5: detected capacity change from 0 to 16949 [ 930.561553][T22942] loop2: p1 p2 p3 p4 [ 930.561704][T22946] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 930.566742][T22942] loop2: p1 start 10 is beyond EOD, truncated [ 930.575638][T22946] EXT4-fs (loop5): group descriptors corrupted! [ 930.587938][T22942] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:14:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac002000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac002600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 930.668074][T22942] loop2: p3 start 225 is beyond EOD, truncated [ 930.674285][T22942] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 930.764700][T22942] loop2: detected capacity change from 0 to 1 [ 930.810813][T22942] loop2: p1 p2 p3 p4 [ 930.814916][T22942] loop2: p1 start 10 is beyond EOD, truncated [ 930.821056][T22942] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 930.836180][T22942] loop2: p3 start 225 is beyond EOD, truncated [ 930.842414][T22942] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000090000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:51 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac6c0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac003f00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:51 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 29) [ 930.925593][ T380] loop2: p1 p2 p3 p4 [ 930.929890][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 930.936022][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 930.943910][T22961] FAULT_INJECTION: forcing a failure. [ 930.943910][T22961] name failslab, interval 1, probability 0, space 0, times 0 [ 930.944094][T22957] loop5: detected capacity change from 0 to 16949 [ 930.957011][T22961] CPU: 0 PID: 22961 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 930.972175][T22961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 930.982222][T22961] Call Trace: [ 930.985496][T22961] dump_stack_lvl+0xd6/0x122 [ 930.990085][T22961] dump_stack+0x11/0x1b [ 930.994361][T22961] should_fail+0x23c/0x250 [ 930.998780][T22961] ? __kernfs_new_node+0x6a/0x330 [ 931.003953][T22961] __should_failslab+0x81/0x90 [ 931.008777][T22961] should_failslab+0x5/0x20 [ 931.013295][T22961] kmem_cache_alloc+0x4f/0x300 [ 931.018046][T22961] ? __down_write_common+0x42/0x830 [ 931.023231][T22961] __kernfs_new_node+0x6a/0x330 [ 931.028073][T22961] ? up_write+0x25/0xc0 [ 931.032296][T22961] kernfs_new_node+0x5b/0xd0 [ 931.036935][T22961] __kernfs_create_file+0x45/0x1a0 [ 931.042047][T22961] sysfs_add_file_mode_ns+0x1c1/0x250 [ 931.047418][T22961] internal_create_group+0x2f4/0x860 [ 931.052718][T22961] ? set_disk_ro+0x73/0x110 [ 931.057259][T22961] sysfs_create_group+0x1b/0x20 [ 931.062099][T22961] loop_configure+0xbcd/0xeb0 [ 931.066796][T22961] lo_ioctl+0x618/0x13e0 [ 931.071032][T22961] ? path_openat+0x18d4/0x1ec0 [ 931.075803][T22961] ? blkdev_common_ioctl+0x438/0x1110 [ 931.081177][T22961] ? selinux_file_ioctl+0x981/0xa10 [ 931.086366][T22961] ? lo_release+0x120/0x120 [ 931.090856][T22961] blkdev_ioctl+0x1d0/0x3f0 [ 931.095366][T22961] block_ioctl+0x6e/0x80 [ 931.099597][T22961] ? blkdev_iopoll+0x80/0x80 [ 931.104220][T22961] __se_sys_ioctl+0xcb/0x140 [ 931.108874][T22961] __x64_sys_ioctl+0x3f/0x50 [ 931.113467][T22961] do_syscall_64+0x44/0xa0 [ 931.117921][T22961] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 931.123822][T22961] RIP: 0033:0x7fc7f63f27f7 [ 931.128219][T22961] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 931.147842][T22961] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 931.156297][T22961] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 931.164264][T22961] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 931.172297][T22961] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 931.180312][T22961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 931.188301][T22961] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 931.200839][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 931.201434][T22957] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 931.207022][ T380] loop2: p4 size 3657465856 extends beyond EOD, [ 931.217073][T22957] EXT4-fs (loop5): group descriptors corrupted! [ 931.217081][ T380] truncated 10:14:51 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0708800000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:51 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x4000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac004000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:51 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 30) 10:14:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000000a0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 931.327141][T22968] loop2: detected capacity change from 0 to 1 [ 931.366665][T22973] loop5: detected capacity change from 0 to 16949 [ 931.380203][T22974] FAULT_INJECTION: forcing a failure. [ 931.380203][T22974] name failslab, interval 1, probability 0, space 0, times 0 [ 931.392868][T22974] CPU: 1 PID: 22974 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 931.401690][T22974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 931.410921][T22968] loop2: p1 p2 p3 p4 [ 931.411762][T22974] Call Trace: [ 931.411771][T22974] dump_stack_lvl+0xd6/0x122 [ 931.411794][T22974] dump_stack+0x11/0x1b [ 931.415846][T22968] loop2: p1 start 10 is beyond EOD, [ 931.419023][T22974] should_fail+0x23c/0x250 [ 931.423621][T22968] truncated [ 931.427757][T22974] __should_failslab+0x81/0x90 [ 931.433033][T22968] loop2: p2 size 1073872896 extends beyond EOD, [ 931.437404][T22974] ? kobject_uevent_env+0x1a7/0xc40 [ 931.440505][T22968] truncated [ 931.445228][T22974] should_failslab+0x5/0x20 [ 931.464495][T22974] kmem_cache_alloc_trace+0x52/0x320 [ 931.469841][T22974] ? dev_uevent_filter+0x70/0x70 [ 931.474797][T22974] kobject_uevent_env+0x1a7/0xc40 [ 931.479818][T22974] ? internal_create_group+0x7d9/0x860 [ 931.485306][T22974] ? set_capacity_and_notify+0xeb/0x200 [ 931.490839][T22974] kobject_uevent+0x18/0x20 [ 931.495335][T22974] loop_configure+0xce1/0xeb0 [ 931.500026][T22974] lo_ioctl+0x618/0x13e0 [ 931.504259][T22974] ? path_openat+0x18d4/0x1ec0 [ 931.509030][T22974] ? blkdev_common_ioctl+0x438/0x1110 [ 931.514561][T22974] ? selinux_file_ioctl+0x981/0xa10 [ 931.519830][T22974] ? lo_release+0x120/0x120 [ 931.524329][T22974] blkdev_ioctl+0x1d0/0x3f0 [ 931.528846][T22974] block_ioctl+0x6e/0x80 [ 931.533076][T22974] ? blkdev_iopoll+0x80/0x80 [ 931.537657][T22974] __se_sys_ioctl+0xcb/0x140 [ 931.542233][T22974] __x64_sys_ioctl+0x3f/0x50 [ 931.546823][T22974] do_syscall_64+0x44/0xa0 [ 931.551235][T22974] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 931.557120][T22974] RIP: 0033:0x7fc7f63f27f7 [ 931.561559][T22974] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 10:14:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac007300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac007e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 931.581149][T22974] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 931.589695][T22974] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 931.597652][T22974] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 931.605612][T22974] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 931.613569][T22974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 931.621527][T22974] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac038000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:52 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 31) [ 931.649082][T22973] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 931.659224][T22973] EXT4-fs (loop5): group descriptors corrupted! [ 931.677272][T22968] loop2: p3 start 225 is beyond EOD, truncated [ 931.683478][T22968] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 931.779093][T22987] FAULT_INJECTION: forcing a failure. [ 931.779093][T22987] name failslab, interval 1, probability 0, space 0, times 0 [ 931.791845][T22987] CPU: 1 PID: 22987 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 931.800618][T22987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 931.810690][T22987] Call Trace: [ 931.813964][T22987] dump_stack_lvl+0xd6/0x122 [ 931.818690][T22987] dump_stack+0x11/0x1b [ 931.822852][T22987] should_fail+0x23c/0x250 [ 931.827284][T22987] ? kzalloc+0x1d/0x30 [ 931.831349][T22987] __should_failslab+0x81/0x90 [ 931.836168][T22987] should_failslab+0x5/0x20 [ 931.840695][T22987] __kmalloc+0x6f/0x350 [ 931.844882][T22987] ? kobject_uevent_env+0x1a7/0xc40 [ 931.850122][T22987] kzalloc+0x1d/0x30 [ 931.854015][T22987] kobject_get_path+0x7c/0x110 [ 931.858799][T22987] kobject_uevent_env+0x1be/0xc40 [ 931.863905][T22987] ? internal_create_group+0x7d9/0x860 [ 931.869435][T22987] ? set_capacity_and_notify+0xeb/0x200 [ 931.874982][T22987] kobject_uevent+0x18/0x20 [ 931.879489][T22987] loop_configure+0xce1/0xeb0 [ 931.884299][T22987] lo_ioctl+0x618/0x13e0 [ 931.888554][T22987] ? path_openat+0x18d4/0x1ec0 [ 931.893348][T22987] ? blkdev_common_ioctl+0x438/0x1110 [ 931.898718][T22987] ? selinux_file_ioctl+0x981/0xa10 [ 931.903916][T22987] ? lo_release+0x120/0x120 [ 931.908457][T22987] blkdev_ioctl+0x1d0/0x3f0 [ 931.913051][T22987] block_ioctl+0x6e/0x80 [ 931.917362][T22987] ? blkdev_iopoll+0x80/0x80 [ 931.921944][T22987] __se_sys_ioctl+0xcb/0x140 [ 931.926533][T22987] __x64_sys_ioctl+0x3f/0x50 [ 931.931159][T22987] do_syscall_64+0x44/0xa0 [ 931.935611][T22987] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 931.941538][T22987] RIP: 0033:0x7fc7f63f27f7 [ 931.945989][T22987] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 931.965688][T22987] RSP: 002b:00007fc7f4168f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 931.974103][T22987] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 931.982088][T22987] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 931.990065][T22987] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 931.998046][T22987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 932.006052][T22987] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 932.026692][T22968] loop2: detected capacity change from 0 to 1 [ 932.061242][T22968] loop2: p1 p2 p3 p4 [ 932.070560][T22968] loop2: p1 start 10 is beyond EOD, truncated [ 932.076696][T22968] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 932.093411][T22968] loop2: p3 start 225 is beyond EOD, truncated [ 932.099593][T22968] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:52 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac740000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45acfffe00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000000b0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 932.184245][ T380] loop2: p1 p2 p3 p4 [ 932.190696][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 932.196783][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 932.220627][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 932.226867][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:52 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 32) 10:14:52 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x8ec0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:52 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07fdef0000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45acfeff00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 932.251067][T22993] loop5: detected capacity change from 0 to 16949 [ 932.260141][T22993] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 932.270309][T22993] EXT4-fs (loop5): group descriptors corrupted! [ 932.286593][T22997] loop2: detected capacity change from 0 to 1 10:14:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000000c0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 932.320971][T22997] loop2: p1 p2 p3 p4 [ 932.330451][T22997] loop2: p1 start 10 is beyond EOD, truncated [ 932.336561][T22997] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 932.351927][T23008] loop5: detected capacity change from 0 to 16949 [ 932.362005][T23010] FAULT_INJECTION: forcing a failure. [ 932.362005][T23010] name failslab, interval 1, probability 0, space 0, times 0 [ 932.374645][T23010] CPU: 1 PID: 23010 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 932.383406][T23010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 932.393536][T23010] Call Trace: [ 932.396813][T23010] dump_stack_lvl+0xd6/0x122 [ 932.401404][T23010] dump_stack+0x11/0x1b [ 932.405562][T23010] should_fail+0x23c/0x250 [ 932.409976][T23010] __should_failslab+0x81/0x90 [ 932.414742][T23010] should_failslab+0x5/0x20 [ 932.419272][T23010] kmem_cache_alloc_node+0x61/0x2c0 [ 932.424467][T23010] ? __alloc_skb+0xed/0x420 [ 932.428972][T23010] __alloc_skb+0xed/0x420 [ 932.433380][T23010] alloc_uevent_skb+0x5b/0x120 [ 932.438848][T23010] kobject_uevent_env+0x863/0xc40 [ 932.443945][T23010] ? internal_create_group+0x7d9/0x860 [ 932.449468][T23010] ? set_capacity_and_notify+0xeb/0x200 [ 932.455094][T23010] kobject_uevent+0x18/0x20 [ 932.459653][T23010] loop_configure+0xce1/0xeb0 [ 932.464398][T23010] lo_ioctl+0x618/0x13e0 [ 932.468676][T23010] ? path_openat+0x18d4/0x1ec0 [ 932.473511][T23010] ? blkdev_common_ioctl+0x438/0x1110 [ 932.478887][T23010] ? selinux_file_ioctl+0x981/0xa10 [ 932.484139][T23010] ? lo_release+0x120/0x120 [ 932.488721][T23010] blkdev_ioctl+0x1d0/0x3f0 [ 932.493221][T23010] block_ioctl+0x6e/0x80 [ 932.497659][T23010] ? blkdev_iopoll+0x80/0x80 [ 932.502244][T23010] __se_sys_ioctl+0xcb/0x140 [ 932.506836][T23010] __x64_sys_ioctl+0x3f/0x50 [ 932.511506][T23010] do_syscall_64+0x44/0xa0 [ 932.516009][T23010] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 932.521901][T23010] RIP: 0033:0x7fc7f63f27f7 [ 932.526311][T23010] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 932.546560][T23010] RSP: 002b:00007fc7f4147f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 932.554984][T23010] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 932.563007][T23010] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 10:14:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000008000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac400008000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 932.571044][T23010] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 932.579053][T23010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 932.587124][T23010] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 932.602170][T22997] loop2: p3 start 225 is beyond EOD, truncated [ 932.608350][T22997] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:53 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 33) [ 932.625443][T23008] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 932.635553][T23008] EXT4-fs (loop5): group descriptors corrupted! 10:14:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000020000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 932.704333][T22997] loop2: detected capacity change from 0 to 1 [ 932.751204][T23022] FAULT_INJECTION: forcing a failure. [ 932.751204][T23022] name failslab, interval 1, probability 0, space 0, times 0 [ 932.763868][T23022] CPU: 0 PID: 23022 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 932.772633][T23022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 932.782767][T23022] Call Trace: [ 932.786041][T23022] dump_stack_lvl+0xd6/0x122 [ 932.790641][T23022] dump_stack+0x11/0x1b [ 932.794787][T23022] should_fail+0x23c/0x250 [ 932.799263][T23022] __should_failslab+0x81/0x90 [ 932.804023][T23022] should_failslab+0x5/0x20 [ 932.808608][T23022] kmem_cache_alloc_node_trace+0x61/0x2e0 [ 932.814345][T23022] ? __kmalloc_node_track_caller+0x30/0x40 [ 932.820202][T23022] __kmalloc_node_track_caller+0x30/0x40 [ 932.825870][T23022] ? alloc_uevent_skb+0x5b/0x120 [ 932.830873][T23022] __alloc_skb+0x187/0x420 [ 932.835292][T23022] alloc_uevent_skb+0x5b/0x120 [ 932.840102][T23022] kobject_uevent_env+0x863/0xc40 [ 932.845143][T23022] ? internal_create_group+0x7d9/0x860 [ 932.850603][T23022] ? set_capacity_and_notify+0xeb/0x200 [ 932.856152][T23022] kobject_uevent+0x18/0x20 [ 932.860639][T22997] loop2: p1 p2 p3 p4 [ 932.860729][T23022] loop_configure+0xce1/0xeb0 [ 932.869364][T23022] lo_ioctl+0x618/0x13e0 [ 932.873606][T23022] ? path_openat+0x18d4/0x1ec0 [ 932.878426][T23022] ? blkdev_common_ioctl+0x438/0x1110 [ 932.883793][T23022] ? selinux_file_ioctl+0x981/0xa10 [ 932.889123][T23022] ? lo_release+0x120/0x120 [ 932.893623][T23022] blkdev_ioctl+0x1d0/0x3f0 [ 932.898169][T23022] block_ioctl+0x6e/0x80 [ 932.902403][T23022] ? blkdev_iopoll+0x80/0x80 [ 932.906992][T23022] __se_sys_ioctl+0xcb/0x140 [ 932.911584][T23022] __x64_sys_ioctl+0x3f/0x50 [ 932.916264][T23022] do_syscall_64+0x44/0xa0 [ 932.920693][T23022] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 932.926634][T23022] RIP: 0033:0x7fc7f63f27f7 [ 932.931042][T23022] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 932.950662][T23022] RSP: 002b:00007fc7f4147f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 932.959228][T23022] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 932.967195][T23022] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 932.975179][T23022] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 932.983150][T23022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 932.991118][T23022] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 933.101847][T22997] loop2: p1 start 10 is beyond EOD, truncated [ 933.108020][T22997] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 933.123147][T22997] loop2: p3 start 225 is beyond EOD, truncated [ 933.129458][T22997] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:53 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac7a0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000010063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:53 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000000d0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:53 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0xc00e, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:53 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 34) 10:14:53 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07effd0000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000020063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 933.194090][ T380] loop2: p1 p2 p3 p4 [ 933.198177][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 933.204316][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 933.212036][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 933.218236][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 933.235801][T23029] loop5: detected capacity change from 0 to 16949 [ 933.260250][T23029] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 933.270385][T23029] EXT4-fs (loop5): group descriptors corrupted! [ 933.288448][T23037] loop2: detected capacity change from 0 to 1 [ 933.297512][T23040] FAULT_INJECTION: forcing a failure. [ 933.297512][T23040] name failslab, interval 1, probability 0, space 0, times 0 [ 933.310153][T23040] CPU: 1 PID: 23040 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 933.318934][T23040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 933.329051][T23040] Call Trace: [ 933.332326][T23040] dump_stack_lvl+0xd6/0x122 [ 933.336922][T23040] dump_stack+0x11/0x1b [ 933.341227][T23040] should_fail+0x23c/0x250 [ 933.345811][T23040] ? skb_clone+0x12c/0x1f0 [ 933.350267][T23040] __should_failslab+0x81/0x90 [ 933.355028][T23040] should_failslab+0x5/0x20 [ 933.359533][T23040] kmem_cache_alloc+0x4f/0x300 [ 933.364320][T23040] skb_clone+0x12c/0x1f0 [ 933.368620][T23040] netlink_broadcast_filtered+0x4fd/0xb60 [ 933.374334][T23040] ? skb_put+0xb9/0xf0 [ 933.378440][T23040] netlink_broadcast+0x35/0x50 [ 933.383222][T23040] kobject_uevent_env+0x8c9/0xc40 [ 933.388283][T23040] ? internal_create_group+0x7d9/0x860 [ 933.393743][T23040] ? set_capacity_and_notify+0xeb/0x200 [ 933.399317][T23040] kobject_uevent+0x18/0x20 [ 933.403839][T23040] loop_configure+0xce1/0xeb0 [ 933.408567][T23040] lo_ioctl+0x618/0x13e0 [ 933.412828][T23040] ? path_openat+0x18d4/0x1ec0 [ 933.417655][T23040] ? blkdev_common_ioctl+0x438/0x1110 [ 933.423038][T23040] ? selinux_file_ioctl+0x981/0xa10 [ 933.428231][T23040] ? lo_release+0x120/0x120 [ 933.432763][T23040] blkdev_ioctl+0x1d0/0x3f0 [ 933.437323][T23040] block_ioctl+0x6e/0x80 [ 933.441565][T23040] ? blkdev_iopoll+0x80/0x80 [ 933.446189][T23040] __se_sys_ioctl+0xcb/0x140 [ 933.450794][T23040] __x64_sys_ioctl+0x3f/0x50 [ 933.455384][T23040] do_syscall_64+0x44/0xa0 [ 933.459836][T23040] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 933.465831][T23040] RIP: 0033:0x7fc7f63f27f7 [ 933.470254][T23040] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 933.489897][T23040] RSP: 002b:00007fc7f4147f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 933.498431][T23040] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 10:14:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000004020063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 933.506458][T23040] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 933.514430][T23040] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 933.522818][T23040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 933.530788][T23040] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 10:14:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000030063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 933.582706][T23037] loop2: p1 p2 p3 p4 [ 933.600996][T23037] loop2: p1 start 10 is beyond EOD, truncated [ 933.607151][T23037] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:14:54 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000000e0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:54 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 35) [ 933.629558][T23037] loop2: p3 start 225 is beyond EOD, truncated [ 933.635836][T23037] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 933.661843][T23050] loop5: detected capacity change from 0 to 16949 10:14:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000040063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 933.681519][T23050] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 933.691621][T23050] EXT4-fs (loop5): group descriptors corrupted! [ 933.703231][T23037] loop2: detected capacity change from 0 to 1 [ 933.709966][T23053] FAULT_INJECTION: forcing a failure. [ 933.709966][T23053] name failslab, interval 1, probability 0, space 0, times 0 [ 933.722694][T23053] CPU: 1 PID: 23053 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 933.731452][T23053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 933.741561][T23053] Call Trace: [ 933.744830][T23053] dump_stack_lvl+0xd6/0x122 [ 933.749419][T23053] dump_stack+0x11/0x1b [ 933.753576][T23053] should_fail+0x23c/0x250 [ 933.758064][T23053] ? skb_clone+0x12c/0x1f0 [ 933.762482][T23053] __should_failslab+0x81/0x90 [ 933.767320][T23053] should_failslab+0x5/0x20 [ 933.771823][T23053] kmem_cache_alloc+0x4f/0x300 [ 933.776587][T23053] skb_clone+0x12c/0x1f0 [ 933.780882][T23053] netlink_broadcast_filtered+0x4fd/0xb60 [ 933.786677][T23053] ? skb_put+0xb9/0xf0 [ 933.790796][T23053] netlink_broadcast+0x35/0x50 [ 933.795555][T23053] kobject_uevent_env+0x8c9/0xc40 [ 933.800586][T23053] ? internal_create_group+0x7d9/0x860 [ 933.806087][T23053] ? set_capacity_and_notify+0xeb/0x200 [ 933.811633][T23053] kobject_uevent+0x18/0x20 [ 933.816144][T23053] loop_configure+0xce1/0xeb0 [ 933.820818][T23053] lo_ioctl+0x618/0x13e0 [ 933.825091][T23053] ? path_openat+0x18d4/0x1ec0 [ 933.829872][T23053] ? blkdev_common_ioctl+0x438/0x1110 [ 933.835284][T23053] ? selinux_file_ioctl+0x981/0xa10 [ 933.840479][T23053] ? lo_release+0x120/0x120 [ 933.845012][T23053] blkdev_ioctl+0x1d0/0x3f0 [ 933.849576][T23053] block_ioctl+0x6e/0x80 [ 933.853816][T23053] ? blkdev_iopoll+0x80/0x80 [ 933.858393][T23053] __se_sys_ioctl+0xcb/0x140 [ 933.863040][T23053] __x64_sys_ioctl+0x3f/0x50 [ 933.867624][T23053] do_syscall_64+0x44/0xa0 [ 933.872070][T23053] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 933.877963][T23053] RIP: 0033:0x7fc7f63f27f7 [ 933.882413][T23053] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 933.902021][T23053] RSP: 002b:00007fc7f4147f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 933.910544][T23053] RAX: ffffffffffffffda RBX: 00007fc7f643c970 RCX: 00007fc7f63f27f7 [ 933.918532][T23053] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 933.926517][T23053] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 933.934480][T23053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 933.942442][T23053] R13: 0000000000000005 R14: 0000000020000300 R15: 0000000000000000 [ 933.996376][T23037] loop2: p1 p2 p3 p4 [ 934.000451][T23037] loop2: p1 start 10 is beyond EOD, truncated [ 934.006541][T23037] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 934.040239][T23037] loop2: p3 start 225 is beyond EOD, truncated [ 934.046589][T23037] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:54 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac890000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000050063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:54 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000000f0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 934.121426][ T380] loop2: p1 p2 p3 p4 [ 934.125487][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 934.131577][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 934.151328][T23061] loop5: detected capacity change from 0 to 16949 [ 934.162694][ T380] loop2: p3 start 225 is beyond EOD, truncated 10:14:54 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0xc08e, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:54 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 36) 10:14:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000004060063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:54 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700002000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 934.168857][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 934.176344][T23061] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 934.186447][T23061] EXT4-fs (loop5): group descriptors corrupted! [ 934.228924][T23063] FAULT_INJECTION: forcing a failure. [ 934.228924][T23063] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 934.242025][T23063] CPU: 0 PID: 23063 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 934.250856][T23063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 934.260914][T23063] Call Trace: [ 934.264191][T23063] dump_stack_lvl+0xd6/0x122 [ 934.268783][T23063] dump_stack+0x11/0x1b [ 934.272965][T23063] should_fail+0x23c/0x250 [ 934.277396][T23063] should_fail_usercopy+0x16/0x20 [ 934.282486][T23063] strncpy_from_user+0x21/0x250 [ 934.287361][T23063] getname_flags+0xb8/0x3f0 [ 934.291860][T23063] __x64_sys_mkdir+0x31/0x50 [ 934.296632][T23063] do_syscall_64+0x44/0xa0 [ 934.301128][T23063] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 934.307023][T23063] RIP: 0033:0x7fc7f63f1b47 10:14:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000080063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 934.311438][T23063] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 934.331131][T23063] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 934.339682][T23063] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f1b47 [ 934.347659][T23063] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000000000000 [ 934.355622][T23063] RBP: 00007fc7f4169040 R08: 0000000000000000 R09: ffffffffffffffff [ 934.363585][T23063] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000080 [ 934.371555][T23063] R13: 0000000000000000 R14: 00007fc7f4169000 R15: 0000000020000340 10:14:55 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000100000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000180063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 934.408307][T23077] loop2: detected capacity change from 0 to 1 10:14:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000260063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 934.464351][T23079] loop5: detected capacity change from 0 to 16949 [ 934.502834][T23079] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! 10:14:55 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 37) [ 934.512957][T23079] EXT4-fs (loop5): group descriptors corrupted! [ 934.521599][T23077] loop2: p1 p2 p3 p4 [ 934.525696][T23077] loop2: p1 start 10 is beyond EOD, truncated [ 934.531805][T23077] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 934.555063][T23077] loop2: p3 start 225 is beyond EOD, truncated [ 934.561299][T23077] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 934.592195][T23085] FAULT_INJECTION: forcing a failure. [ 934.592195][T23085] name failslab, interval 1, probability 0, space 0, times 0 [ 934.604863][T23085] CPU: 0 PID: 23085 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 934.613647][T23085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 934.623694][T23085] Call Trace: [ 934.626989][T23085] dump_stack_lvl+0xd6/0x122 [ 934.631585][T23085] dump_stack+0x11/0x1b [ 934.635737][T23085] should_fail+0x23c/0x250 [ 934.640141][T23085] ? __se_sys_mount+0x4e/0x2f0 [ 934.641888][T23077] loop2: detected capacity change from 0 to 1 [ 934.644972][T23085] __should_failslab+0x81/0x90 [ 934.655784][T23085] should_failslab+0x5/0x20 [ 934.660339][T23085] __kmalloc_track_caller+0x6d/0x350 [ 934.665617][T23085] ? strnlen_user+0x137/0x1c0 [ 934.670320][T23085] strndup_user+0x73/0x120 [ 934.674802][T23085] __se_sys_mount+0x4e/0x2f0 [ 934.679408][T23085] ? perf_trace_sys_exit+0x6e/0x180 [ 934.684755][T23085] __x64_sys_mount+0x63/0x70 [ 934.689343][T23085] do_syscall_64+0x44/0xa0 [ 934.693764][T23085] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 934.699787][T23085] RIP: 0033:0x7fc7f63f3f6a [ 934.704215][T23085] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 934.724076][T23085] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 934.732483][T23085] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f3f6a [ 934.740450][T23085] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00007fc7f4169000 [ 934.748514][T23085] RBP: 00007fc7f4169040 R08: 00007fc7f4169040 R09: 0000000020000080 [ 934.756650][T23085] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000080 [ 934.764678][T23085] R13: 0000000000000000 R14: 00007fc7f4169000 R15: 0000000020000340 [ 934.813032][T23077] loop2: p1 p2 p3 p4 [ 934.817271][T23077] loop2: p1 start 10 is beyond EOD, truncated [ 934.823423][T23077] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 934.841117][T23077] loop2: p3 start 225 is beyond EOD, truncated [ 934.847295][T23077] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:55 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac900000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000003f0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:55 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000004100000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 934.921538][ T380] loop2: p1 p2 p3 p4 [ 934.925699][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 934.931799][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 934.945874][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 934.952127][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 934.960317][T23088] loop5: detected capacity change from 0 to 16949 [ 934.990573][T23088] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 934.995576][T23092] loop2: detected capacity change from 0 to 1 [ 935.000718][T23088] EXT4-fs (loop5): group descriptors corrupted! 10:14:55 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x40000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000400063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:55 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 38) [ 935.051602][T23092] loop2: p1 p2 p3 p4 [ 935.061897][T23092] loop2: p1 start 10 is beyond EOD, truncated [ 935.067993][T23092] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 935.090945][T23092] loop2: p3 start 225 is beyond EOD, truncated [ 935.097186][T23092] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 935.141627][T23099] FAULT_INJECTION: forcing a failure. [ 935.141627][T23099] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 935.154840][T23099] CPU: 1 PID: 23099 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 935.163731][T23099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 935.173852][T23099] Call Trace: [ 935.177126][T23099] dump_stack_lvl+0xd6/0x122 [ 935.181841][T23099] dump_stack+0x11/0x1b [ 935.186212][T23099] should_fail+0x23c/0x250 [ 935.190618][T23099] should_fail_usercopy+0x16/0x20 [ 935.195637][T23099] _copy_from_user+0x1c/0xd0 [ 935.200231][T23099] strndup_user+0xb0/0x120 [ 935.204648][T23099] __se_sys_mount+0x4e/0x2f0 [ 935.209249][T23099] ? perf_trace_sys_exit+0x6e/0x180 [ 935.214523][T23099] __x64_sys_mount+0x63/0x70 [ 935.219109][T23099] do_syscall_64+0x44/0xa0 [ 935.223549][T23099] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 935.229483][T23099] RIP: 0033:0x7fc7f63f3f6a [ 935.233890][T23099] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 935.253556][T23099] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 935.261970][T23099] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f3f6a [ 935.269950][T23099] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00007fc7f4169000 [ 935.277918][T23099] RBP: 00007fc7f4169040 R08: 00007fc7f4169040 R09: 0000000020000080 10:14:55 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff077ffff000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:55 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000110000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000800400063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 935.285893][T23099] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000080 [ 935.293862][T23099] R13: 0000000000000000 R14: 00007fc7f4169000 R15: 0000000020000340 [ 935.316106][T23104] loop5: detected capacity change from 0 to 16949 [ 935.331724][T23104] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! 10:14:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000730063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 935.335862][T23092] loop2: detected capacity change from 0 to 1 [ 935.341980][T23104] EXT4-fs (loop5): group descriptors corrupted! 10:14:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000007e0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:56 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000120000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 935.390949][T23092] loop2: p1 p2 p3 p4 [ 935.408202][T23092] loop2: p1 start 10 is beyond EOD, truncated [ 935.414314][T23092] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 935.454211][T23113] loop5: detected capacity change from 0 to 16949 [ 935.469097][T23113] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 935.479435][T23113] EXT4-fs (loop5): group descriptors corrupted! [ 935.488555][T23092] loop2: p3 start 225 is beyond EOD, truncated [ 935.494781][T23092] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:56 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acc00000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:56 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 39) 10:14:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000003800063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 935.591444][ T380] loop2: p1 p2 p3 p4 [ 935.595645][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 935.601814][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 935.606312][T23117] FAULT_INJECTION: forcing a failure. [ 935.606312][T23117] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 935.621955][T23117] CPU: 1 PID: 23117 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 935.630757][T23117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 935.640830][T23117] Call Trace: [ 935.644101][T23117] dump_stack_lvl+0xd6/0x122 [ 935.648734][T23117] dump_stack+0x11/0x1b [ 935.653039][T23117] should_fail+0x23c/0x250 [ 935.657467][T23117] should_fail_usercopy+0x16/0x20 [ 935.662489][T23117] _copy_from_user+0x1c/0xd0 [ 935.667079][T23117] strndup_user+0xb0/0x120 [ 935.671566][T23117] __se_sys_mount+0x4e/0x2f0 [ 935.676156][T23117] ? perf_trace_sys_exit+0x6e/0x180 [ 935.681399][T23117] __x64_sys_mount+0x63/0x70 [ 935.685990][T23117] do_syscall_64+0x44/0xa0 [ 935.690455][T23117] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 935.696455][T23117] RIP: 0033:0x7fc7f63f3f6a [ 935.700935][T23117] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 935.720686][T23117] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 935.729098][T23117] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f3f6a [ 935.737067][T23117] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00007fc7f4169000 [ 935.745063][T23117] RBP: 00007fc7f4169040 R08: 00007fc7f4169040 R09: 0000000020000080 [ 935.753193][T23117] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000080 [ 935.761189][T23117] R13: 0000000000000000 R14: 00007fc7f4169000 R15: 0000000020000340 [ 935.769982][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 935.776171][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 935.830603][T23122] loop2: detected capacity change from 0 to 1 [ 935.862604][T23122] loop2: p1 p2 p3 p4 [ 935.866786][T23122] loop2: p1 start 10 is beyond EOD, truncated [ 935.872879][T23122] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 935.890835][T23122] loop2: p3 start 225 is beyond EOD, truncated [ 935.897068][T23122] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:56 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x200000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:56 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000130000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45acfffffff60063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:56 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 40) 10:14:56 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000001000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 935.946440][T23122] loop2: detected capacity change from 0 to 1 [ 935.964854][T23126] loop5: detected capacity change from 0 to 16949 [ 935.980807][T23122] loop2: p1 p2 p3 p4 [ 935.984888][T23122] loop2: p1 start 10 is beyond EOD, truncated 10:14:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45acfffffffe0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 935.990973][T23122] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 935.991367][T23126] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 936.008226][T23126] EXT4-fs (loop5): group descriptors corrupted! [ 936.014818][T23122] loop2: p3 start 225 is beyond EOD, truncated [ 936.021014][T23122] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 936.046229][T23128] FAULT_INJECTION: forcing a failure. [ 936.046229][T23128] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 936.059475][T23128] CPU: 0 PID: 23128 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 936.068239][T23128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 936.078292][T23128] Call Trace: [ 936.081750][T23128] dump_stack_lvl+0xd6/0x122 [ 936.086355][T23128] dump_stack+0x11/0x1b [ 936.090512][T23128] should_fail+0x23c/0x250 [ 936.095450][T23128] should_fail_usercopy+0x16/0x20 [ 936.100572][T23128] _copy_from_user+0x1c/0xd0 [ 936.105164][T23128] strndup_user+0xb0/0x120 [ 936.109592][T23128] __se_sys_mount+0x91/0x2f0 [ 936.114241][T23128] ? perf_trace_sys_exit+0x6e/0x180 [ 936.119448][T23128] __x64_sys_mount+0x63/0x70 [ 936.124080][T23128] do_syscall_64+0x44/0xa0 [ 936.128496][T23128] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 936.134433][T23128] RIP: 0033:0x7fc7f63f3f6a [ 936.138870][T23128] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 936.158630][T23128] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 936.167052][T23128] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f3f6a [ 936.175025][T23128] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00007fc7f4169000 [ 936.183006][T23128] RBP: 00007fc7f4169040 R08: 00007fc7f4169040 R09: 0000000020000080 10:14:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45acf6ffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 936.190978][T23128] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000080 [ 936.198971][T23128] R13: 0000000000000000 R14: 00007fc7f4169000 R15: 0000000020000340 [ 936.237067][ T380] loop2: p1 p2 p3 p4 10:14:56 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000180000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45acfeffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:56 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acec0000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 936.242254][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 936.248364][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 936.271840][T23144] loop5: detected capacity change from 0 to 16949 [ 936.281826][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 936.288006][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 936.300871][T23144] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 936.310994][T23144] EXT4-fs (loop5): group descriptors corrupted! [ 936.370824][T23148] loop2: detected capacity change from 0 to 1 [ 936.440754][T23148] loop2: p1 p2 p3 p4 [ 936.444914][T23148] loop2: p1 start 10 is beyond EOD, truncated [ 936.451167][T23148] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 936.467301][T23148] loop2: p3 start 225 is beyond EOD, truncated [ 936.473585][T23148] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 936.513282][T23148] loop2: detected capacity change from 0 to 1 [ 936.550928][T23148] loop2: p1 p2 p3 p4 [ 936.555003][T23148] loop2: p1 start 10 is beyond EOD, truncated [ 936.561161][T23148] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 936.585687][T23148] loop2: p3 start 225 is beyond EOD, truncated [ 936.591895][T23148] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 936.655806][ T380] loop2: p1 p2 p3 p4 [ 936.664292][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 936.670404][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 936.682340][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 936.688574][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:14:57 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x1000000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:57 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000211a0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:57 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 41) 10:14:57 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac7b0100000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:57 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000002000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000500000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 936.849904][T23163] loop2: detected capacity change from 0 to 1 [ 936.866340][T23166] loop5: detected capacity change from 0 to 16949 [ 936.891406][T23166] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 936.901539][T23166] EXT4-fs (loop5): group descriptors corrupted! [ 936.919854][T23170] FAULT_INJECTION: forcing a failure. [ 936.919854][T23170] name failslab, interval 1, probability 0, space 0, times 0 [ 936.932524][T23170] CPU: 1 PID: 23170 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 936.941334][T23170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 936.951447][T23170] Call Trace: [ 936.954735][T23170] dump_stack_lvl+0xd6/0x122 [ 936.959364][T23170] dump_stack+0x11/0x1b [ 936.963508][T23170] should_fail+0x23c/0x250 [ 936.967912][T23170] __should_failslab+0x81/0x90 [ 936.972721][T23170] ? __se_sys_mount+0xf7/0x2f0 [ 936.977473][T23170] should_failslab+0x5/0x20 [ 936.982035][T23170] kmem_cache_alloc_trace+0x52/0x320 [ 936.987307][T23170] ? _copy_from_user+0x94/0xd0 [ 936.992070][T23170] __se_sys_mount+0xf7/0x2f0 [ 936.996650][T23170] ? perf_trace_sys_exit+0x6e/0x180 [ 937.001850][T23170] __x64_sys_mount+0x63/0x70 [ 937.006442][T23170] do_syscall_64+0x44/0xa0 [ 937.010921][T23170] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 937.016820][T23170] RIP: 0033:0x7fc7f63f3f6a [ 937.021224][T23170] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 10:14:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac001800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 937.040929][T23170] RSP: 002b:00007fc7f4147fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 937.049332][T23170] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f3f6a [ 937.057372][T23170] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00007fc7f4148000 [ 937.065331][T23170] RBP: 00007fc7f4148040 R08: 00007fc7f4148040 R09: 0000000020000080 [ 937.073289][T23170] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000080 [ 937.081276][T23170] R13: 0000000000000000 R14: 00007fc7f4148000 R15: 0000000020000340 10:14:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac002600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:57 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000200000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac007300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 937.199255][T23181] loop5: detected capacity change from 0 to 16949 [ 937.223898][T23181] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 937.234030][T23181] EXT4-fs (loop5): group descriptors corrupted! [ 937.318025][T23163] loop2: detected capacity change from 0 to 1 10:14:58 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x2000000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac007e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000010200000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:58 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 42) 10:14:58 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45aca10100000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:58 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000402000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00fe00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 937.706552][T23186] loop2: detected capacity change from 0 to 1 [ 937.713328][T23189] loop5: detected capacity change from 0 to 16949 [ 937.734430][T23189] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 937.744601][T23189] EXT4-fs (loop5): group descriptors corrupted! [ 937.778150][T23190] FAULT_INJECTION: forcing a failure. [ 937.778150][T23190] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 937.791228][T23190] CPU: 1 PID: 23190 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 937.800010][T23190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 937.810182][T23190] Call Trace: [ 937.813459][T23190] dump_stack_lvl+0xd6/0x122 [ 937.818061][T23190] dump_stack+0x11/0x1b [ 937.822276][T23190] should_fail+0x23c/0x250 [ 937.826725][T23190] should_fail_usercopy+0x16/0x20 [ 937.831803][T23190] _copy_from_user+0x1c/0xd0 [ 937.836449][T23190] __se_sys_mount+0x119/0x2f0 [ 937.841127][T23190] __x64_sys_mount+0x63/0x70 [ 937.845781][T23190] do_syscall_64+0x44/0xa0 [ 937.850197][T23190] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 937.856099][T23190] RIP: 0033:0x7fc7f63f3f6a [ 937.860504][T23190] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 937.880107][T23190] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 937.888520][T23190] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f3f6a [ 937.896573][T23190] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00007fc7f4169000 [ 937.904549][T23190] RBP: 00007fc7f4169040 R08: 00007fc7f4169040 R09: 0000000020000080 [ 937.912566][T23190] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000080 [ 937.920888][T23190] R13: 0000000000000000 R14: 00007fc7f4169000 R15: 0000000020000340 10:14:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000402000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000220000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000003000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:58 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 43) [ 937.972507][T23186] loop2: detected capacity change from 0 to 1 [ 937.997627][T23205] loop5: detected capacity change from 0 to 16949 10:14:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac008003000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 938.032678][T23205] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 938.042972][T23205] EXT4-fs (loop5): group descriptors corrupted! [ 938.121785][T23213] FAULT_INJECTION: forcing a failure. [ 938.121785][T23213] name failslab, interval 1, probability 0, space 0, times 0 [ 938.134475][T23213] CPU: 0 PID: 23213 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 938.143292][T23213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 938.153344][T23213] Call Trace: [ 938.156617][T23213] dump_stack_lvl+0xd6/0x122 [ 938.161233][T23213] dump_stack+0x11/0x1b [ 938.165407][T23213] should_fail+0x23c/0x250 [ 938.169850][T23213] ? getname_flags+0x84/0x3f0 [ 938.174527][T23213] __should_failslab+0x81/0x90 [ 938.179330][T23213] should_failslab+0x5/0x20 [ 938.183831][T23213] kmem_cache_alloc+0x4f/0x300 [ 938.188597][T23213] getname_flags+0x84/0x3f0 [ 938.193101][T23213] user_path_at_empty+0x28/0x110 [ 938.198064][T23213] __se_sys_mount+0x217/0x2f0 [ 938.202817][T23213] __x64_sys_mount+0x63/0x70 [ 938.207458][T23213] do_syscall_64+0x44/0xa0 [ 938.211993][T23213] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 938.217923][T23213] RIP: 0033:0x7fc7f63f3f6a [ 938.222335][T23213] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 938.242035][T23213] RSP: 002b:00007fc7f4147fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 938.250536][T23213] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f3f6a [ 938.258505][T23213] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00007fc7f4148000 [ 938.266489][T23213] RBP: 00007fc7f4148040 R08: 00007fc7f4148040 R09: 0000000020000080 [ 938.274465][T23213] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000080 [ 938.282459][T23213] R13: 0000000000000000 R14: 00007fc7f4148000 R15: 0000000020000340 10:14:59 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x3000000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:14:59 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acf80100000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000204000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:59 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000250000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:14:59 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 44) 10:14:59 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000003000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:14:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000604000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000005000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 938.596024][T23218] loop2: detected capacity change from 0 to 1 [ 938.606601][T23223] loop5: detected capacity change from 0 to 16949 [ 938.626042][T23223] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 938.636154][T23223] EXT4-fs (loop5): group descriptors corrupted! [ 938.682349][T23226] FAULT_INJECTION: forcing a failure. [ 938.682349][T23226] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 938.695454][T23226] CPU: 1 PID: 23226 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 938.704224][T23226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 938.714272][T23226] Call Trace: [ 938.717595][T23226] dump_stack_lvl+0xd6/0x122 [ 938.722376][T23226] dump_stack+0x11/0x1b [ 938.726579][T23226] should_fail+0x23c/0x250 [ 938.731024][T23226] should_fail_usercopy+0x16/0x20 [ 938.736063][T23226] strncpy_from_user+0x21/0x250 [ 938.740918][T23226] getname_flags+0xb8/0x3f0 [ 938.745473][T23226] ? should_fail+0xd6/0x250 [ 938.750050][T23226] user_path_at_empty+0x28/0x110 [ 938.755063][T23226] __se_sys_mount+0x217/0x2f0 [ 938.759743][T23226] __x64_sys_mount+0x63/0x70 [ 938.764405][T23226] do_syscall_64+0x44/0xa0 [ 938.768822][T23226] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 938.774759][T23226] RIP: 0033:0x7fc7f63f3f6a [ 938.779167][T23226] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 938.798940][T23226] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 938.807470][T23226] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f3f6a [ 938.815465][T23226] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00007fc7f4169000 [ 938.823445][T23226] RBP: 00007fc7f4169040 R08: 00007fc7f4169040 R09: 0000000020000080 10:14:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000406000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000018000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000020000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:14:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000026000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 938.831485][T23226] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000080 [ 938.839454][T23226] R13: 0000000000000000 R14: 00007fc7f4169000 R15: 0000000020000340 [ 938.861721][T23218] loop2: detected capacity change from 0 to 1 10:15:00 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000422d0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00003f000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:00 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 45) 10:15:00 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x4000000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:00 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000004000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:00 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac040200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000040000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 939.491242][T23250] loop2: detected capacity change from 0 to 1 [ 939.499161][T23245] loop5: detected capacity change from 0 to 16949 [ 939.519840][T23245] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 939.529967][T23245] EXT4-fs (loop5): group descriptors corrupted! 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000073000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00007e000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 939.552285][T23250] loop2: detected capacity change from 0 to 1 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000380000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 939.620626][T23260] FAULT_INJECTION: forcing a failure. [ 939.620626][T23260] name failslab, interval 1, probability 0, space 0, times 0 [ 939.633275][T23260] CPU: 0 PID: 23260 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 939.642038][T23260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 939.652194][T23260] Call Trace: [ 939.655468][T23260] dump_stack_lvl+0xd6/0x122 [ 939.660123][T23260] dump_stack+0x11/0x1b [ 939.664275][T23260] should_fail+0x23c/0x250 [ 939.668684][T23260] __should_failslab+0x81/0x90 [ 939.673443][T23260] ? kobject_uevent_env+0x1a7/0xc40 [ 939.678669][T23260] should_failslab+0x5/0x20 [ 939.683189][T23260] kmem_cache_alloc_trace+0x52/0x320 [ 939.688519][T23260] ? kernfs_put+0x22a/0x300 [ 939.693064][T23260] ? dev_uevent_filter+0x70/0x70 [ 939.698088][T23260] kobject_uevent_env+0x1a7/0xc40 [ 939.703165][T23260] ? kernfs_put+0x2e2/0x300 [ 939.707695][T23260] kobject_uevent+0x18/0x20 [ 939.712264][T23260] __loop_clr_fd+0x601/0x850 [ 939.716861][T23260] lo_ioctl+0xac5/0x13e0 [ 939.721163][T23260] ? search_extable+0x50/0x80 [ 939.725878][T23260] ? strncpy_from_user+0x1b4/0x250 [ 939.731066][T23260] ? strncpy_from_user+0x1b4/0x250 [ 939.736179][T23260] ? ex_handler_uaccess+0x30/0x70 [ 939.741209][T23260] ? fixup_exception+0x4c/0x70 [ 939.746045][T23260] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 939.751765][T23260] ? avc_has_extended_perms+0x67d/0x8a0 [ 939.758364][T23260] ? blkdev_common_ioctl+0x438/0x1110 [ 939.763807][T23260] ? selinux_file_ioctl+0x981/0xa10 [ 939.769013][T23260] ? lo_release+0x120/0x120 [ 939.773532][T23260] blkdev_ioctl+0x1d0/0x3f0 [ 939.778036][T23260] block_ioctl+0x6e/0x80 [ 939.782269][T23260] ? blkdev_iopoll+0x80/0x80 [ 939.786849][T23260] __se_sys_ioctl+0xcb/0x140 [ 939.791440][T23260] __x64_sys_ioctl+0x3f/0x50 [ 939.796032][T23260] do_syscall_64+0x44/0xa0 [ 939.800447][T23260] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 939.806345][T23260] RIP: 0033:0x7fc7f63f27f7 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00fffe000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 939.810759][T23260] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 939.830467][T23260] RSP: 002b:00007fc7f4147fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 939.838942][T23260] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 939.846911][T23260] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 939.854880][T23260] RBP: 00007fc7f41486bc R08: 00007fc7f4148040 R09: 0000000020000080 [ 939.862875][T23260] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff 10:15:00 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac940200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:00 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000002e0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 939.870954][T23260] R13: 000000000000000e R14: 00007fc7f4148000 R15: 0000000020000340 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00feff000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 939.938157][T23271] loop5: detected capacity change from 0 to 16949 [ 939.953784][T23273] loop2: detected capacity change from 0 to 1 [ 939.988868][T23271] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 939.998990][T23271] EXT4-fs (loop5): group descriptors corrupted! [ 940.082122][T23273] loop2: detected capacity change from 0 to 1 10:15:00 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x7000000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000080063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:00 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000320000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:00 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 46) 10:15:00 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:00 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000005000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac004000080063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000200063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000163000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 940.367506][T23281] loop5: detected capacity change from 0 to 16949 [ 940.373507][T23279] loop2: detected capacity change from 0 to 1 [ 940.393872][T23281] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 940.403999][T23281] EXT4-fs (loop5): group descriptors corrupted! 10:15:01 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000042350000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000263000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 940.461518][T23279] loop2: detected capacity change from 0 to 1 [ 940.490524][T23294] FAULT_INJECTION: forcing a failure. [ 940.490524][T23294] name failslab, interval 1, probability 0, space 0, times 0 [ 940.503255][T23294] CPU: 0 PID: 23294 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 940.512063][T23294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 940.522118][T23294] Call Trace: [ 940.524357][T23301] loop5: detected capacity change from 0 to 16949 [ 940.525395][T23294] dump_stack_lvl+0xd6/0x122 [ 940.536468][T23294] dump_stack+0x11/0x1b [ 940.540693][T23294] should_fail+0x23c/0x250 [ 940.545105][T23294] ? kzalloc+0x1d/0x30 [ 940.549216][T23294] __should_failslab+0x81/0x90 [ 940.554028][T23294] should_failslab+0x5/0x20 [ 940.558529][T23294] __kmalloc+0x6f/0x350 [ 940.562679][T23294] ? kobject_uevent_env+0x1a7/0xc40 [ 940.567999][T23294] kzalloc+0x1d/0x30 [ 940.571931][T23294] kobject_get_path+0x7c/0x110 [ 940.576710][T23294] kobject_uevent_env+0x1be/0xc40 [ 940.581785][T23294] ? kernfs_put+0x2e2/0x300 [ 940.586296][T23294] kobject_uevent+0x18/0x20 [ 940.590797][T23294] __loop_clr_fd+0x601/0x850 [ 940.595377][T23294] lo_ioctl+0xac5/0x13e0 [ 940.599700][T23294] ? search_extable+0x50/0x80 [ 940.604417][T23294] ? strncpy_from_user+0x1b4/0x250 [ 940.609551][T23294] ? strncpy_from_user+0x1b4/0x250 [ 940.614655][T23294] ? ex_handler_uaccess+0x30/0x70 [ 940.619682][T23294] ? fixup_exception+0x4c/0x70 [ 940.624516][T23294] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 940.630341][T23294] ? avc_has_extended_perms+0x67d/0x8a0 [ 940.635950][T23294] ? blkdev_common_ioctl+0x438/0x1110 [ 940.641313][T23294] ? selinux_file_ioctl+0x981/0xa10 [ 940.646511][T23294] ? lo_release+0x120/0x120 [ 940.651024][T23294] blkdev_ioctl+0x1d0/0x3f0 [ 940.655542][T23294] block_ioctl+0x6e/0x80 [ 940.659776][T23294] ? blkdev_iopoll+0x80/0x80 [ 940.664349][T23294] __se_sys_ioctl+0xcb/0x140 [ 940.668942][T23294] __x64_sys_ioctl+0x3f/0x50 [ 940.673563][T23294] do_syscall_64+0x44/0xa0 [ 940.677985][T23294] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 940.683883][T23294] RIP: 0033:0x7fc7f63f27f7 [ 940.688295][T23294] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 10:15:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000040263000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 940.707966][T23294] RSP: 002b:00007fc7f4147fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 940.716361][T23294] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 940.724396][T23294] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 940.732353][T23294] RBP: 00007fc7f41486bc R08: 00007fc7f4148040 R09: 0000000020000080 [ 940.740389][T23294] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 940.748346][T23294] R13: 000000000000000e R14: 00007fc7f4148000 R15: 0000000020000340 [ 940.811733][T23301] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 940.821880][T23301] EXT4-fs (loop5): group descriptors corrupted! 10:15:01 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x8000000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000363000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:01 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac900300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:01 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000003f0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:01 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 47) 10:15:01 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000006000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000463000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 941.266209][T23309] loop5: detected capacity change from 0 to 16949 [ 941.280799][T23314] loop2: detected capacity change from 0 to 1 [ 941.302992][T23309] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! 10:15:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000563000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 941.313118][T23309] EXT4-fs (loop5): group descriptors corrupted! [ 941.374025][T23314] loop2: detected capacity change from 0 to 1 [ 941.380748][T23322] FAULT_INJECTION: forcing a failure. [ 941.380748][T23322] name failslab, interval 1, probability 0, space 0, times 0 [ 941.393462][T23322] CPU: 1 PID: 23322 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 941.402230][T23322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 941.412285][T23322] Call Trace: [ 941.415586][T23322] dump_stack_lvl+0xd6/0x122 [ 941.420249][T23322] dump_stack+0x11/0x1b [ 941.424405][T23322] should_fail+0x23c/0x250 [ 941.428821][T23322] __should_failslab+0x81/0x90 [ 941.433620][T23322] should_failslab+0x5/0x20 [ 941.438127][T23322] kmem_cache_alloc_node+0x61/0x2c0 [ 941.443484][T23322] ? __alloc_skb+0xed/0x420 [ 941.448116][T23322] __alloc_skb+0xed/0x420 [ 941.452469][T23322] alloc_uevent_skb+0x5b/0x120 [ 941.457310][T23322] kobject_uevent_env+0x863/0xc40 [ 941.462400][T23322] ? kernfs_put+0x2e2/0x300 [ 941.466898][T23322] kobject_uevent+0x18/0x20 [ 941.471498][T23322] __loop_clr_fd+0x601/0x850 [ 941.476095][T23322] lo_ioctl+0xac5/0x13e0 [ 941.480360][T23322] ? search_extable+0x50/0x80 [ 941.485071][T23322] ? strncpy_from_user+0x1b4/0x250 [ 941.490185][T23322] ? strncpy_from_user+0x1b4/0x250 [ 941.495343][T23322] ? ex_handler_uaccess+0x30/0x70 [ 941.500364][T23322] ? fixup_exception+0x4c/0x70 [ 941.505125][T23322] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 941.510844][T23322] ? avc_has_extended_perms+0x67d/0x8a0 [ 941.516490][T23322] ? blkdev_common_ioctl+0x438/0x1110 [ 941.521880][T23322] ? selinux_file_ioctl+0x981/0xa10 [ 941.527078][T23322] ? lo_release+0x120/0x120 [ 941.531591][T23322] blkdev_ioctl+0x1d0/0x3f0 [ 941.536145][T23322] block_ioctl+0x6e/0x80 [ 941.540488][T23322] ? blkdev_iopoll+0x80/0x80 [ 941.545075][T23322] __se_sys_ioctl+0xcb/0x140 [ 941.549724][T23322] __x64_sys_ioctl+0x3f/0x50 [ 941.554316][T23322] do_syscall_64+0x44/0xa0 [ 941.558764][T23322] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 941.564764][T23322] RIP: 0033:0x7fc7f63f27f7 [ 941.569201][T23322] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 941.588823][T23322] RSP: 002b:00007fc7f4147fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 941.597240][T23322] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 941.605205][T23322] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 941.613173][T23322] RBP: 00007fc7f41486bc R08: 00007fc7f4148040 R09: 0000000020000080 10:15:02 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000023f0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000040663000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:02 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac020400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:02 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 48) [ 941.621138][T23322] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 941.629105][T23322] R13: 000000000000000e R14: 00007fc7f4148000 R15: 0000000020000340 [ 941.648302][T23330] loop5: detected capacity change from 0 to 16949 [ 941.656287][T23330] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 941.666403][T23330] EXT4-fs (loop5): group descriptors corrupted! 10:15:02 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x10000000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000863000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000001863000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:02 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000400000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 941.755185][T23332] FAULT_INJECTION: forcing a failure. [ 941.755185][T23332] name failslab, interval 1, probability 0, space 0, times 0 [ 941.767831][T23332] CPU: 0 PID: 23332 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 941.776605][T23332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 941.785093][T23342] loop5: detected capacity change from 0 to 16949 [ 941.786661][T23332] Call Trace: [ 941.786671][T23332] dump_stack_lvl+0xd6/0x122 [ 941.800921][T23332] dump_stack+0x11/0x1b [ 941.805128][T23332] should_fail+0x23c/0x250 [ 941.809545][T23332] ? kzalloc+0x1d/0x30 [ 941.813616][T23332] __should_failslab+0x81/0x90 [ 941.818379][T23332] should_failslab+0x5/0x20 [ 941.822881][T23332] __kmalloc+0x6f/0x350 [ 941.827062][T23332] ? kobject_uevent_env+0x1a7/0xc40 [ 941.831970][T23342] EXT4-fs (loop5): bad geometry: first data block 64 is beyond end of filesystem (64) [ 941.832259][T23332] kzalloc+0x1d/0x30 [ 941.845678][T23332] kobject_get_path+0x7c/0x110 [ 941.850452][T23332] kobject_uevent_env+0x1be/0xc40 10:15:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000002663000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 941.855527][T23332] ? kernfs_put+0x2e2/0x300 [ 941.860107][T23332] kobject_uevent+0x18/0x20 [ 941.864690][T23332] __loop_clr_fd+0x601/0x850 [ 941.866950][T23345] loop2: detected capacity change from 0 to 1 [ 941.869305][T23332] lo_ioctl+0xac5/0x13e0 [ 941.879618][T23332] ? search_extable+0x50/0x80 [ 941.884367][T23332] ? strncpy_from_user+0x1b4/0x250 [ 941.889521][T23332] ? strncpy_from_user+0x1b4/0x250 [ 941.894666][T23332] ? ex_handler_uaccess+0x30/0x70 [ 941.899763][T23332] ? fixup_exception+0x4c/0x70 [ 941.904557][T23332] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 941.910294][T23332] ? avc_has_extended_perms+0x67d/0x8a0 [ 941.915845][T23332] ? blkdev_common_ioctl+0x438/0x1110 [ 941.921358][T23332] ? selinux_file_ioctl+0x981/0xa10 [ 941.926572][T23332] ? lo_release+0x120/0x120 [ 941.931116][T23332] blkdev_ioctl+0x1d0/0x3f0 [ 941.935616][T23332] block_ioctl+0x6e/0x80 [ 941.939861][T23332] ? blkdev_iopoll+0x80/0x80 [ 941.944444][T23332] __se_sys_ioctl+0xcb/0x140 [ 941.949036][T23332] __x64_sys_ioctl+0x3f/0x50 10:15:02 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000406000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 941.953670][T23332] do_syscall_64+0x44/0xa0 [ 941.958081][T23332] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 941.964177][T23332] RIP: 0033:0x7fc7f63f27f7 [ 941.968585][T23332] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 941.988191][T23332] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 941.996626][T23332] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 10:15:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000003f63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:02 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000008460000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 942.005490][T23332] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 942.013465][T23332] RBP: 00007fc7f41696bc R08: 00007fc7f4169040 R09: 0000000020000080 [ 942.021434][T23332] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 942.029397][T23332] R13: 000000000000000e R14: 00007fc7f4169000 R15: 0000000020000340 10:15:02 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 49) 10:15:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000004063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 942.091066][T23353] loop5: detected capacity change from 0 to 16949 [ 942.109191][T23353] EXT4-fs (loop5): bad geometry: first data block 70 is beyond end of filesystem (64) [ 942.120506][T23345] loop2: detected capacity change from 0 to 1 10:15:02 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac060400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000008004063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 942.200829][T23356] FAULT_INJECTION: forcing a failure. [ 942.200829][T23356] name failslab, interval 1, probability 0, space 0, times 0 [ 942.213555][T23356] CPU: 0 PID: 23356 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 942.222341][T23356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 942.232393][T23356] Call Trace: [ 942.235710][T23356] dump_stack_lvl+0xd6/0x122 [ 942.240361][T23356] dump_stack+0x11/0x1b [ 942.244512][T23356] should_fail+0x23c/0x250 [ 942.249005][T23356] ? skb_clone+0x12c/0x1f0 [ 942.253424][T23356] __should_failslab+0x81/0x90 [ 942.258231][T23356] should_failslab+0x5/0x20 [ 942.262799][T23356] kmem_cache_alloc+0x4f/0x300 [ 942.267600][T23356] skb_clone+0x12c/0x1f0 [ 942.271847][T23356] netlink_broadcast_filtered+0x4fd/0xb60 [ 942.277562][T23356] ? skb_put+0xb9/0xf0 [ 942.281630][T23356] netlink_broadcast+0x35/0x50 [ 942.286400][T23356] kobject_uevent_env+0x8c9/0xc40 [ 942.291453][T23356] ? kernfs_put+0x2e2/0x300 [ 942.295961][T23356] kobject_uevent+0x18/0x20 [ 942.300463][T23356] __loop_clr_fd+0x601/0x850 [ 942.305055][T23356] lo_ioctl+0xac5/0x13e0 [ 942.309305][T23356] ? search_extable+0x50/0x80 [ 942.314012][T23356] ? strncpy_from_user+0x1b4/0x250 [ 942.319152][T23356] ? strncpy_from_user+0x1b4/0x250 [ 942.324389][T23356] ? ex_handler_uaccess+0x30/0x70 [ 942.329412][T23356] ? fixup_exception+0x4c/0x70 [ 942.334284][T23356] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 942.340016][T23356] ? avc_has_extended_perms+0x67d/0x8a0 [ 942.345649][T23356] ? blkdev_common_ioctl+0x438/0x1110 [ 942.351086][T23356] ? selinux_file_ioctl+0x981/0xa10 [ 942.356288][T23356] ? lo_release+0x120/0x120 [ 942.360829][T23356] blkdev_ioctl+0x1d0/0x3f0 [ 942.365400][T23356] block_ioctl+0x6e/0x80 [ 942.369640][T23356] ? blkdev_iopoll+0x80/0x80 [ 942.374231][T23356] __se_sys_ioctl+0xcb/0x140 [ 942.378874][T23356] __x64_sys_ioctl+0x3f/0x50 [ 942.383534][T23356] do_syscall_64+0x44/0xa0 [ 942.388117][T23356] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 942.394016][T23356] RIP: 0033:0x7fc7f63f27f7 [ 942.398451][T23356] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 942.418197][T23356] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 942.426611][T23356] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 942.434580][T23356] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 942.442551][T23356] RBP: 00007fc7f41696bc R08: 00007fc7f4169040 R09: 0000000020000080 [ 942.450546][T23356] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 942.458521][T23356] R13: 000000000000000e R14: 00007fc7f4169000 R15: 0000000020000340 [ 942.468093][T23363] loop2: detected capacity change from 0 to 1 10:15:03 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x40000000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:03 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000480000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000007363000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:03 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 50) 10:15:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000007e63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 942.584046][T23363] loop2: detected capacity change from 0 to 1 [ 942.601335][T23371] loop5: detected capacity change from 0 to 16949 [ 942.619893][T23371] EXT4-fs (loop5): bad geometry: first data block 72 is beyond end of filesystem (64) [ 942.650910][T23367] FAULT_INJECTION: forcing a failure. [ 942.650910][T23367] name failslab, interval 1, probability 0, space 0, times 0 [ 942.663542][T23367] CPU: 1 PID: 23367 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 942.672325][T23367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 942.682414][T23367] Call Trace: [ 942.685694][T23367] dump_stack_lvl+0xd6/0x122 [ 942.690308][T23367] dump_stack+0x11/0x1b [ 942.694514][T23367] should_fail+0x23c/0x250 [ 942.698935][T23367] ? skb_clone+0x12c/0x1f0 [ 942.703871][T23367] __should_failslab+0x81/0x90 [ 942.708677][T23367] should_failslab+0x5/0x20 [ 942.713179][T23367] kmem_cache_alloc+0x4f/0x300 [ 942.717942][T23367] skb_clone+0x12c/0x1f0 [ 942.722183][T23367] netlink_broadcast_filtered+0x4fd/0xb60 [ 942.727987][T23367] ? skb_put+0xb9/0xf0 [ 942.732086][T23367] netlink_broadcast+0x35/0x50 [ 942.736853][T23367] kobject_uevent_env+0x8c9/0xc40 [ 942.741884][T23367] ? kernfs_put+0x2e2/0x300 [ 942.746434][T23367] kobject_uevent+0x18/0x20 10:15:03 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000008000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:03 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000500000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000038063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00fffffff663000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00fffffffe63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 942.750939][T23367] __loop_clr_fd+0x601/0x850 [ 942.755526][T23367] lo_ioctl+0xac5/0x13e0 [ 942.759777][T23367] ? search_extable+0x50/0x80 [ 942.764493][T23367] ? strncpy_from_user+0x1b4/0x250 [ 942.769844][T23367] ? strncpy_from_user+0x1b4/0x250 [ 942.774969][T23367] ? ex_handler_uaccess+0x30/0x70 [ 942.780129][T23367] ? fixup_exception+0x4c/0x70 [ 942.784891][T23367] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 942.790608][T23367] ? avc_has_extended_perms+0x67d/0x8a0 [ 942.796238][T23367] ? blkdev_common_ioctl+0x438/0x1110 10:15:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00f6ffffff63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 942.801620][T23367] ? selinux_file_ioctl+0x981/0xa10 [ 942.806847][T23367] ? lo_release+0x120/0x120 [ 942.811354][T23367] blkdev_ioctl+0x1d0/0x3f0 [ 942.815910][T23367] block_ioctl+0x6e/0x80 [ 942.820194][T23367] ? blkdev_iopoll+0x80/0x80 [ 942.824784][T23367] __se_sys_ioctl+0xcb/0x140 [ 942.829451][T23367] __x64_sys_ioctl+0x3f/0x50 [ 942.834043][T23367] do_syscall_64+0x44/0xa0 [ 942.838511][T23367] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 942.844419][T23367] RIP: 0033:0x7fc7f63f27f7 [ 942.848859][T23367] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 942.868494][T23367] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 942.876914][T23367] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 942.884885][T23367] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 942.892871][T23367] RBP: 00007fc7f41696bc R08: 00007fc7f4169040 R09: 0000000020000080 10:15:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00feffffff63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 942.901021][T23367] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 942.908992][T23367] R13: 000000000000000e R14: 00007fc7f4169000 R15: 0000000020000340 [ 942.918529][T23382] loop2: detected capacity change from 0 to 1 [ 942.942041][T23371] loop5: detected capacity change from 0 to 16949 [ 942.951916][T23371] EXT4-fs (loop5): bad geometry: first data block 72 is beyond end of filesystem (64) [ 943.021648][T23382] loop2: detected capacity change from 0 to 1 10:15:04 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0xc00e0000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000002000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:04 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 51) 10:15:04 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000004c0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:04 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:04 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700001008000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000003000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 943.455618][T23395] loop5: detected capacity change from 0 to 16949 [ 943.463598][T23400] loop2: detected capacity change from 0 to 1 [ 943.481772][T23395] EXT4-fs (loop5): bad geometry: first data block 76 is beyond end of filesystem (64) 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000004000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 943.511424][T23400] loop2: detected capacity change from 0 to 1 [ 943.551014][T23408] FAULT_INJECTION: forcing a failure. 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000005000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000008000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000018000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 943.551014][T23408] name failslab, interval 1, probability 0, space 0, times 0 [ 943.563757][T23408] CPU: 1 PID: 23408 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 943.572542][T23408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 943.582624][T23408] Call Trace: [ 943.585896][T23408] dump_stack_lvl+0xd6/0x122 [ 943.590526][T23408] dump_stack+0x11/0x1b [ 943.594740][T23408] should_fail+0x23c/0x250 [ 943.599176][T23408] ? kzalloc+0x1d/0x30 [ 943.603321][T23408] __should_failslab+0x81/0x90 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000026000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 943.608078][T23408] should_failslab+0x5/0x20 [ 943.612625][T23408] __kmalloc+0x6f/0x350 [ 943.616786][T23408] ? kobject_uevent_env+0x1a7/0xc40 [ 943.621989][T23408] kzalloc+0x1d/0x30 [ 943.625889][T23408] kobject_get_path+0x7c/0x110 [ 943.630683][T23408] kobject_uevent_env+0x1be/0xc40 [ 943.635712][T23408] ? _raw_spin_unlock_irqrestore+0x27/0x40 [ 943.641568][T23408] ? __wake_up+0x8d/0xc0 [ 943.645845][T23408] disk_force_media_change+0xe3/0x170 [ 943.651222][T23408] __loop_clr_fd+0x68f/0x850 [ 943.655813][T23408] lo_ioctl+0xac5/0x13e0 [ 943.660050][T23408] ? search_extable+0x50/0x80 [ 943.664710][T23408] ? strncpy_from_user+0x1b4/0x250 [ 943.669836][T23408] ? strncpy_from_user+0x1b4/0x250 [ 943.674945][T23408] ? ex_handler_uaccess+0x30/0x70 [ 943.679970][T23408] ? fixup_exception+0x4c/0x70 [ 943.684738][T23408] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 943.690454][T23408] ? avc_has_extended_perms+0x67d/0x8a0 [ 943.696006][T23408] ? blkdev_common_ioctl+0x438/0x1110 [ 943.701379][T23408] ? selinux_file_ioctl+0x981/0xa10 [ 943.706581][T23408] ? lo_release+0x120/0x120 [ 943.711083][T23408] blkdev_ioctl+0x1d0/0x3f0 [ 943.715629][T23408] block_ioctl+0x6e/0x80 [ 943.719912][T23408] ? blkdev_iopoll+0x80/0x80 [ 943.724598][T23408] __se_sys_ioctl+0xcb/0x140 [ 943.729193][T23408] __x64_sys_ioctl+0x3f/0x50 [ 943.733847][T23408] do_syscall_64+0x44/0xa0 [ 943.738267][T23408] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 943.744218][T23408] RIP: 0033:0x7fc7f63f27f7 [ 943.748648][T23408] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 943.768323][T23408] RSP: 002b:00007fc7f4147fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 943.777018][T23408] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 943.785039][T23408] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 943.793003][T23408] RBP: 00007fc7f41486bc R08: 00007fc7f4148040 R09: 0000000020000080 [ 943.800997][T23408] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 943.808966][T23408] R13: 000000000000000e R14: 00007fc7f4148000 R15: 0000000020000340 10:15:04 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0xc08e0000, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000073000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:04 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000024d0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:04 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 52) 10:15:04 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac040600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:04 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700008008000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00007e000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000fe000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 944.355739][T23428] loop5: detected capacity change from 0 to 16949 [ 944.365896][T23429] loop2: detected capacity change from 0 to 1 [ 944.389889][T23428] EXT4-fs (loop5): bad geometry: first data block 77 is beyond end of filesystem (64) [ 944.451163][T23439] FAULT_INJECTION: forcing a failure. [ 944.451163][T23439] name failslab, interval 1, probability 0, space 0, times 0 [ 944.463922][T23439] CPU: 0 PID: 23439 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 944.472679][T23439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 944.482762][T23439] Call Trace: [ 944.486032][T23439] dump_stack_lvl+0xd6/0x122 [ 944.490626][T23439] dump_stack+0x11/0x1b [ 944.494845][T23439] should_fail+0x23c/0x250 [ 944.499259][T23439] __should_failslab+0x81/0x90 [ 944.504153][T23439] should_failslab+0x5/0x20 [ 944.508667][T23439] kmem_cache_alloc_node+0x61/0x2c0 [ 944.513912][T23439] ? __alloc_skb+0xed/0x420 [ 944.518436][T23439] __alloc_skb+0xed/0x420 [ 944.522765][T23439] alloc_uevent_skb+0x5b/0x120 [ 944.527545][T23439] kobject_uevent_env+0x863/0xc40 [ 944.532573][T23439] ? _raw_spin_unlock_irqrestore+0x27/0x40 [ 944.538455][T23439] ? __wake_up+0x8d/0xc0 [ 944.542717][T23439] disk_force_media_change+0xe3/0x170 [ 944.548159][T23439] __loop_clr_fd+0x68f/0x850 [ 944.552758][T23439] lo_ioctl+0xac5/0x13e0 [ 944.557078][T23439] ? search_extable+0x50/0x80 [ 944.561753][T23439] ? strncpy_from_user+0x1b4/0x250 [ 944.567047][T23439] ? strncpy_from_user+0x1b4/0x250 [ 944.572323][T23439] ? ex_handler_uaccess+0x30/0x70 [ 944.577433][T23439] ? fixup_exception+0x4c/0x70 [ 944.582217][T23439] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 944.587969][T23439] ? avc_has_extended_perms+0x67d/0x8a0 [ 944.593513][T23439] ? blkdev_common_ioctl+0x438/0x1110 [ 944.598953][T23439] ? selinux_file_ioctl+0x981/0xa10 [ 944.604203][T23439] ? lo_release+0x120/0x120 [ 944.608785][T23439] blkdev_ioctl+0x1d0/0x3f0 [ 944.613315][T23439] block_ioctl+0x6e/0x80 [ 944.617595][T23439] ? blkdev_iopoll+0x80/0x80 [ 944.622179][T23439] __se_sys_ioctl+0xcb/0x140 [ 944.626789][T23439] __x64_sys_ioctl+0x3f/0x50 [ 944.631409][T23439] do_syscall_64+0x44/0xa0 [ 944.635828][T23439] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 944.641754][T23439] RIP: 0033:0x7fc7f63f27f7 [ 944.646165][T23439] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 944.665770][T23439] RSP: 002b:00007fc7f4147fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 944.674282][T23439] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 944.682347][T23439] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 944.690345][T23439] RBP: 00007fc7f41486bc R08: 00007fc7f4148040 R09: 0000000020000080 10:15:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000002520000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000004020063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 944.698316][T23439] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 944.706354][T23439] R13: 000000000000000e R14: 00007fc7f4148000 R15: 0000000020000340 [ 944.732984][T23445] loop5: detected capacity change from 0 to 16949 [ 944.741293][T23445] EXT4-fs (loop5): bad geometry: first data block 82 is beyond end of filesystem (64) 10:15:05 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 53) 10:15:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000030063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 944.755793][T23429] loop2: detected capacity change from 0 to 1 [ 944.840633][T23450] FAULT_INJECTION: forcing a failure. [ 944.840633][T23450] name failslab, interval 1, probability 0, space 0, times 0 [ 944.853370][T23450] CPU: 0 PID: 23450 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 944.862196][T23450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 944.872760][T23450] Call Trace: [ 944.876109][T23450] dump_stack_lvl+0xd6/0x122 [ 944.880693][T23450] dump_stack+0x11/0x1b [ 944.884856][T23450] should_fail+0x23c/0x250 [ 944.889261][T23450] __should_failslab+0x81/0x90 [ 944.894023][T23450] should_failslab+0x5/0x20 [ 944.898531][T23450] kmem_cache_alloc_node_trace+0x61/0x2e0 [ 944.904619][T23450] ? __kmalloc_node_track_caller+0x30/0x40 [ 944.910425][T23450] __kmalloc_node_track_caller+0x30/0x40 [ 944.916116][T23450] ? alloc_uevent_skb+0x5b/0x120 [ 944.921123][T23450] __alloc_skb+0x187/0x420 [ 944.925544][T23450] alloc_uevent_skb+0x5b/0x120 [ 944.930312][T23450] kobject_uevent_env+0x863/0xc40 [ 944.935340][T23450] ? _raw_spin_unlock_irqrestore+0x27/0x40 [ 944.941150][T23450] ? __wake_up+0x8d/0xc0 [ 944.945450][T23450] disk_force_media_change+0xe3/0x170 [ 944.950877][T23450] __loop_clr_fd+0x68f/0x850 [ 944.955469][T23450] lo_ioctl+0xac5/0x13e0 [ 944.959715][T23450] ? search_extable+0x50/0x80 [ 944.964384][T23450] ? strncpy_from_user+0x1b4/0x250 [ 944.969560][T23450] ? strncpy_from_user+0x1b4/0x250 [ 944.974704][T23450] ? ex_handler_uaccess+0x30/0x70 [ 944.979725][T23450] ? fixup_exception+0x4c/0x70 [ 944.984576][T23450] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 944.990291][T23450] ? avc_has_extended_perms+0x67d/0x8a0 [ 944.995885][T23450] ? blkdev_common_ioctl+0x438/0x1110 [ 945.001326][T23450] ? selinux_file_ioctl+0x981/0xa10 [ 945.006528][T23450] ? lo_release+0x120/0x120 [ 945.011111][T23450] blkdev_ioctl+0x1d0/0x3f0 [ 945.015633][T23450] block_ioctl+0x6e/0x80 [ 945.019867][T23450] ? blkdev_iopoll+0x80/0x80 [ 945.024470][T23450] __se_sys_ioctl+0xcb/0x140 [ 945.029061][T23450] __x64_sys_ioctl+0x3f/0x50 [ 945.033706][T23450] do_syscall_64+0x44/0xa0 [ 945.038194][T23450] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 945.044126][T23450] RIP: 0033:0x7fc7f63f27f7 [ 945.048550][T23450] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 945.068220][T23450] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 945.076631][T23450] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 945.084644][T23450] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 945.092652][T23450] RBP: 00007fc7f41696bc R08: 00007fc7f4169040 R09: 0000000020000080 [ 945.100694][T23450] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 945.108735][T23450] R13: 000000000000000e R14: 00007fc7f4169000 R15: 0000000020000340 10:15:05 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0xffffff7f, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000002530000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000080030063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:05 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000700000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:05 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 54) 10:15:05 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000000c000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000002040063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 945.234437][T23458] loop5: detected capacity change from 0 to 16949 [ 945.242315][T23457] loop2: detected capacity change from 0 to 1 10:15:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000006040063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 945.281581][T23458] EXT4-fs (loop5): bad geometry: first data block 83 is beyond end of filesystem (64) [ 945.300730][T23462] FAULT_INJECTION: forcing a failure. [ 945.300730][T23462] name failslab, interval 1, probability 0, space 0, times 0 [ 945.313387][T23462] CPU: 1 PID: 23462 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 945.322176][T23462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 945.332234][T23462] Call Trace: [ 945.335538][T23462] dump_stack_lvl+0xd6/0x122 [ 945.340271][T23462] dump_stack+0x11/0x1b [ 945.344433][T23462] should_fail+0x23c/0x250 [ 945.348855][T23462] ? skb_clone+0x12c/0x1f0 [ 945.353272][T23462] __should_failslab+0x81/0x90 [ 945.358031][T23462] should_failslab+0x5/0x20 [ 945.362550][T23462] kmem_cache_alloc+0x4f/0x300 [ 945.367306][T23462] skb_clone+0x12c/0x1f0 [ 945.371582][T23462] netlink_broadcast_filtered+0x4fd/0xb60 [ 945.377305][T23462] ? skb_put+0xb9/0xf0 [ 945.381372][T23462] netlink_broadcast+0x35/0x50 [ 945.386217][T23462] kobject_uevent_env+0x8c9/0xc40 [ 945.391331][T23462] ? _raw_spin_unlock_irqrestore+0x27/0x40 [ 945.397207][T23462] ? __wake_up+0x8d/0xc0 [ 945.401511][T23462] disk_force_media_change+0xe3/0x170 [ 945.406965][T23462] __loop_clr_fd+0x68f/0x850 [ 945.411768][T23462] lo_ioctl+0xac5/0x13e0 [ 945.416013][T23462] ? search_extable+0x50/0x80 [ 945.420770][T23462] ? strncpy_from_user+0x1b4/0x250 [ 945.425906][T23462] ? strncpy_from_user+0x1b4/0x250 [ 945.431110][T23462] ? ex_handler_uaccess+0x30/0x70 [ 945.436136][T23462] ? fixup_exception+0x4c/0x70 [ 945.440891][T23462] ? kernelmode_fixup_or_oops+0x187/0x1d0 [ 945.446673][T23462] ? avc_has_extended_perms+0x67d/0x8a0 [ 945.452246][T23462] ? blkdev_common_ioctl+0x438/0x1110 [ 945.457619][T23462] ? selinux_file_ioctl+0x981/0xa10 [ 945.462889][T23462] ? lo_release+0x120/0x120 [ 945.467591][T23462] blkdev_ioctl+0x1d0/0x3f0 [ 945.472090][T23462] block_ioctl+0x6e/0x80 [ 945.476322][T23462] ? blkdev_iopoll+0x80/0x80 [ 945.480967][T23462] __se_sys_ioctl+0xcb/0x140 [ 945.485561][T23462] __x64_sys_ioctl+0x3f/0x50 [ 945.490151][T23462] do_syscall_64+0x44/0xa0 [ 945.494614][T23462] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 945.500527][T23462] RIP: 0033:0x7fc7f63f27f7 [ 945.504934][T23462] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 10:15:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000050063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000004060063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 945.525043][T23462] RSP: 002b:00007fc7f4168fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 945.533485][T23462] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00007fc7f63f27f7 [ 945.541455][T23462] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 945.549429][T23462] RBP: 00007fc7f41696bc R08: 00007fc7f4169040 R09: 0000000020000080 [ 945.557399][T23462] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 945.565389][T23462] R13: 000000000000000e R14: 00007fc7f4169000 R15: 0000000020000340 10:15:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000180063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:06 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000600000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 945.626336][T23457] loop2: detected capacity change from 0 to 1 [ 945.656585][T23480] loop5: detected capacity change from 0 to 16949 [ 945.673995][T23480] EXT4-fs (loop5): bad geometry: first data block 96 is beyond end of filesystem (64) 10:15:06 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 55) 10:15:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000200063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:06 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000900000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:06 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00001b600000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:06 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x2, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:06 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000010000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000260063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000003f0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 946.122457][T23491] loop5: detected capacity change from 0 to 16949 [ 946.131145][T23492] loop2: detected capacity change from 0 to 1 [ 946.147439][T23491] EXT4-fs (loop5): bad geometry: first data block 96 is beyond end of filesystem (64) [ 946.210751][T23494] FAULT_INJECTION: forcing a failure. [ 946.210751][T23494] name failslab, interval 1, probability 0, space 0, times 0 [ 946.223399][T23494] CPU: 0 PID: 23494 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 946.232218][T23494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 946.242521][T23494] Call Trace: [ 946.245797][T23494] dump_stack_lvl+0xd6/0x122 [ 946.250389][T23494] dump_stack+0x11/0x1b [ 946.254699][T23494] should_fail+0x23c/0x250 [ 946.259135][T23494] ? inotify_handle_inode_event+0x10b/0x2e0 [ 946.265137][T23494] __should_failslab+0x81/0x90 [ 946.269973][T23494] should_failslab+0x5/0x20 [ 946.274547][T23494] __kmalloc+0x6f/0x350 [ 946.278749][T23494] inotify_handle_inode_event+0x10b/0x2e0 [ 946.284548][T23494] ? tsan.module_ctor+0x10/0x10 [ 946.289403][T23494] fsnotify+0x1050/0x11a0 [ 946.293722][T23494] __fsnotify_parent+0x304/0x440 [ 946.298659][T23494] __fput+0x1d7/0x520 [ 946.302644][T23494] ____fput+0x11/0x20 [ 946.306713][T23494] task_work_run+0xae/0x130 10:15:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000400063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000730063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 946.311218][T23494] exit_to_user_mode_prepare+0x156/0x190 [ 946.316902][T23494] syscall_exit_to_user_mode+0x20/0x40 [ 946.322368][T23494] do_syscall_64+0x50/0xa0 [ 946.326793][T23494] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 946.332797][T23494] RIP: 0033:0x7fc7f63a567b [ 946.337283][T23494] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 946.356975][T23494] RSP: 002b:00007fc7f4168f90 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 946.365707][T23494] RAX: 0000000000000000 RBX: 0000000020000300 RCX: 00007fc7f63a567b [ 946.373687][T23494] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 946.381670][T23494] RBP: 00007fc7f41696bc R08: 0000000000000000 R09: 0000000020000080 [ 946.389653][T23494] R10: 0000000000000000 R11: 0000000000000293 R12: ffffffffffffffff [ 946.397715][T23494] R13: 000000000000000e R14: 00007fc7f4169000 R15: 0000000020000340 10:15:07 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001610000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000007e0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 946.410232][T23492] loop2: detected capacity change from 0 to 1 10:15:07 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) (fail_nth: 56) [ 946.450896][T23506] loop5: detected capacity change from 0 to 16949 10:15:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000003800063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:07 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000a00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 946.496701][T23506] EXT4-fs (loop5): bad geometry: first data block 97 is beyond end of filesystem (64) [ 946.580758][T23510] FAULT_INJECTION: forcing a failure. [ 946.580758][T23510] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 946.594020][T23510] CPU: 0 PID: 23510 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 946.602852][T23510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 946.612906][T23510] Call Trace: [ 946.616177][T23510] dump_stack_lvl+0xd6/0x122 [ 946.620773][T23510] dump_stack+0x11/0x1b [ 946.624931][T23510] should_fail+0x23c/0x250 [ 946.629434][T23510] should_fail_usercopy+0x16/0x20 [ 946.634463][T23510] _copy_to_user+0x1c/0x90 [ 946.638882][T23510] simple_read_from_buffer+0xab/0x120 [ 946.644351][T23510] proc_fail_nth_read+0x10d/0x150 [ 946.649376][T23510] ? proc_fault_inject_write+0x230/0x230 [ 946.655018][T23510] vfs_read+0x1e6/0x750 [ 946.659201][T23510] ? __fput+0x47a/0x520 [ 946.663365][T23510] ? __fget_light+0x21b/0x260 [ 946.668036][T23510] ? __cond_resched+0x11/0x40 [ 946.672903][T23510] ksys_read+0xd9/0x190 [ 946.677086][T23510] __x64_sys_read+0x3e/0x50 [ 946.681584][T23510] do_syscall_64+0x44/0xa0 [ 946.686008][T23510] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 946.692069][T23510] RIP: 0033:0x7fc7f63a55ec [ 946.696487][T23510] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 946.716149][T23510] RSP: 002b:00007fc7f4169170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 946.724562][T23510] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007fc7f63a55ec [ 946.732560][T23510] RDX: 000000000000000f RSI: 00007fc7f41691e0 RDI: 0000000000000004 [ 946.740562][T23510] RBP: 00007fc7f41691d0 R08: 0000000000000000 R09: 0000000020000080 [ 946.748532][T23510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 946.756582][T23510] R13: 00007ffda184ca7f R14: 00007fc7f4169300 R15: 0000000000022000 [ 946.767043][T23506] loop5: detected capacity change from 0 to 16949 [ 946.787243][T23515] loop2: detected capacity change from 0 to 1 [ 946.873805][T23515] loop2: detected capacity change from 0 to 1 10:15:07 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000fffe0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:07 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:07 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000680000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:07 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000026000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:07 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000b00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000feff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 946.980244][T23523] loop5: detected capacity change from 0 to 16949 [ 946.997376][T23523] EXT4-fs (loop5): bad geometry: first data block 104 is beyond end of filesystem (64) 10:15:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000020063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:07 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000016a0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 947.026226][T23529] loop2: detected capacity change from 0 to 1 10:15:07 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x2, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000030063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000040063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 947.089978][T23536] loop5: detected capacity change from 0 to 16949 [ 947.103307][T23529] loop2: detected capacity change from 0 to 1 [ 947.112643][T23536] EXT4-fs (loop5): bad geometry: first data block 106 is beyond end of filesystem (64) 10:15:08 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x4, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:08 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000c00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000050063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:08 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000026a0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:08 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x3, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:08 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000003f000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000080063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000180063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 947.841760][T23550] loop2: detected capacity change from 0 to 1 [ 947.855806][T23555] loop5: detected capacity change from 0 to 16949 [ 947.871708][T23555] EXT4-fs (loop5): bad geometry: first data block 106 is beyond end of filesystem (64) 10:15:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000260063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:08 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000016b0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000730063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:08 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000d00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 947.941956][T23550] loop2: detected capacity change from 0 to 1 [ 947.966030][T23567] loop5: detected capacity change from 0 to 16949 [ 947.979700][T23567] EXT4-fs (loop5): bad geometry: first data block 107 is beyond end of filesystem (64) [ 948.041143][T23574] loop2: detected capacity change from 0 to 1 [ 948.113237][T23574] loop2: detected capacity change from 0 to 1 10:15:09 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x7, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000007e0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:09 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000026b0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:09 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:09 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:09 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000040000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000fe0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 948.724631][T23578] loop5: detected capacity change from 0 to 16949 [ 948.732978][T23582] loop2: detected capacity change from 0 to 1 [ 948.746828][T23578] EXT4-fs (loop5): bad geometry: first data block 107 is beyond end of filesystem (64) 10:15:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000040263000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000363000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:09 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000006c0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 948.828790][T23582] loop2: detected capacity change from 0 to 1 [ 948.862273][T23600] loop5: detected capacity change from 0 to 16949 10:15:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000800363000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000020463000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 948.869944][T23600] EXT4-fs (loop5): bad geometry: first data block 108 is beyond end of filesystem (64) 10:15:10 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x8, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:10 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x5, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:10 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac930e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000060463000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:10 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000026c0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:10 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000071000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000563000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 949.623370][T23614] loop5: detected capacity change from 0 to 16949 [ 949.630302][T23615] loop2: detected capacity change from 0 to 1 [ 949.642107][T23614] EXT4-fs (loop5): bad geometry: first data block 108 is beyond end of filesystem (64) 10:15:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000040663000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:10 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000026d0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000001863000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000002063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 949.760040][T23625] loop5: detected capacity change from 0 to 16949 [ 949.773161][T23615] loop2: detected capacity change from 0 to 1 [ 949.786846][T23625] EXT4-fs (loop5): bad geometry: first data block 109 is beyond end of filesystem (64) 10:15:10 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:11 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x10, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000002663000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:11 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000740000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:11 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac940e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:11 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:11 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000007e000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000003f63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000004063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 950.498399][T23646] loop2: detected capacity change from 0 to 1 [ 950.505136][T23638] loop5: detected capacity change from 0 to 16949 [ 950.529605][T23638] EXT4-fs (loop5): bad geometry: first data block 116 is beyond end of filesystem (64) 10:15:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000007363000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:11 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000007a0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 950.571764][T23646] loop2: detected capacity change from 0 to 1 10:15:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000007e63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:11 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x8, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 950.649989][T23660] loop5: detected capacity change from 0 to 16949 [ 950.667168][T23660] EXT4-fs (loop5): bad geometry: first data block 122 is beyond end of filesystem (64) 10:15:11 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x300, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:11 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac950e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000038063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:11 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffffff850000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:11 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x9, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:11 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700f0ff7f000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000fffe63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000feff63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 951.383050][T23678] loop2: detected capacity change from 0 to 1 [ 951.390876][T23671] loop5: detected capacity change from 0 to 16949 [ 951.412198][T23671] EXT4-fs (loop5): bad geometry: first data block 133 is beyond end of filesystem (64) 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000263000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffffff8c0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 951.481392][T23678] loop2: detected capacity change from 0 to 1 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000363000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000463000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 951.545961][T23690] loop5: detected capacity change from 0 to 16949 [ 951.577638][T23690] EXT4-fs (loop5): bad geometry: first data block 140 is beyond end of filesystem (64) 10:15:12 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac960e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:12 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:12 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x700, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000563000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001920000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:12 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07fffffdef000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000863000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000001863000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 952.266663][T23703] loop5: detected capacity change from 0 to 16949 [ 952.274717][T23705] loop2: detected capacity change from 0 to 1 [ 952.299783][T23703] EXT4-fs (loop5): bad geometry: first data block 146 is beyond end of filesystem (64) 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000002663000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000007363000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:13 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001930000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 952.382551][T23705] loop2: detected capacity change from 0 to 1 10:15:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000007e63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:13 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac970e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:13 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xb, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 952.450172][T23720] loop5: detected capacity change from 0 to 16949 [ 952.463076][T23720] EXT4-fs (loop5): bad geometry: first data block 147 is beyond end of filesystem (64) [ 952.512498][T23727] loop2: detected capacity change from 0 to 1 [ 952.602824][T23727] loop2: detected capacity change from 0 to 1 10:15:13 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xec0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000fe63000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:13 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001940000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:13 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xc, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:13 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac980e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:13 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07fffffffe000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000600000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000700000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 953.144864][T23732] loop5: detected capacity change from 0 to 16949 [ 953.154518][T23737] loop2: detected capacity change from 0 to 1 [ 953.184258][T23732] EXT4-fs (loop5): bad geometry: first data block 148 is beyond end of filesystem (64) 10:15:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063020800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:13 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000002940000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 953.242427][T23737] loop2: detected capacity change from 0 to 1 [ 953.279419][T23752] loop5: detected capacity change from 0 to 16949 10:15:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063030800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:13 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000f00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 953.311330][T23752] EXT4-fs (loop5): bad geometry: first data block 148 is beyond end of filesystem (64) [ 953.427130][T23756] loop2: detected capacity change from 0 to 1 [ 953.522439][T23756] loop2: detected capacity change from 0 to 1 10:15:14 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xd, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063040800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:14 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x2000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:14 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac001100000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:14 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001950000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:14 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07effdffff000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063050800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 954.036162][T23762] loop5: detected capacity change from 0 to 16949 [ 954.044471][T23767] loop2: detected capacity change from 0 to 1 [ 954.071536][T23762] EXT4-fs (loop5): bad geometry: first data block 149 is beyond end of filesystem (64) 10:15:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063080800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063180800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:14 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000002950000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 954.140996][T23767] loop2: detected capacity change from 0 to 1 10:15:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063260800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:14 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acd21100000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:14 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xe, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 954.201564][T23782] loop5: detected capacity change from 0 to 16949 [ 954.237530][T23782] EXT4-fs (loop5): bad geometry: first data block 149 is beyond end of filesystem (64) 10:15:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063730800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 954.307095][T23790] loop2: detected capacity change from 0 to 1 [ 954.422846][T23790] loop2: detected capacity change from 0 to 1 10:15:15 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x4000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:15 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000029e0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000637e0800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:15 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x10, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:15 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac001200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:15 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07feffffff000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063fe0800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063002000000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 954.934854][T23799] loop2: detected capacity change from 0 to 1 [ 954.952176][T23806] loop5: detected capacity change from 0 to 16949 [ 954.964532][T23806] EXT4-fs (loop5): bad geometry: first data block 158 is beyond end of filesystem (64) 10:15:15 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001ac0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000600000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000700000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 955.052191][T23799] loop2: detected capacity change from 0 to 1 [ 955.067785][T23816] loop5: detected capacity change from 0 to 16949 [ 955.085641][T23816] EXT4-fs (loop5): bad geometry: first data block 172 is beyond end of filesystem (64) 10:15:15 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac001c00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 955.165302][T23822] loop2: detected capacity change from 0 to 1 [ 955.262397][T23822] loop2: detected capacity change from 0 to 1 10:15:16 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x8ec0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:16 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x11, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000804000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:16 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001ad0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:16 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:16 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700020000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000014000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000802000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 955.801416][T23830] loop2: detected capacity change from 0 to 1 [ 955.817990][T23828] loop5: detected capacity change from 0 to 16949 [ 955.833462][T23828] EXT4-fs (loop5): bad geometry: first data block 173 is beyond end of filesystem (64) 10:15:16 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001b20000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000803000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 955.872349][T23830] loop2: detected capacity change from 0 to 1 10:15:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000804000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:16 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x12, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 955.926972][T23844] loop5: detected capacity change from 0 to 16949 [ 955.935226][T23844] EXT4-fs (loop5): bad geometry: first data block 178 is beyond end of filesystem (64) 10:15:17 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xc00e, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000805000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:17 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001c00000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:17 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x48, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:17 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700030000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000808000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000818000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 956.678082][T23864] loop5: detected capacity change from 0 to 16949 [ 956.687469][T23867] loop2: detected capacity change from 0 to 1 [ 956.694144][T23864] EXT4-fs (loop5): bad geometry: first data block 192 is beyond end of filesystem (64) 10:15:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000edc00000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000826000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000873000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 956.781766][T23867] loop2: detected capacity change from 0 to 1 [ 956.793196][T23876] loop5: detected capacity change from 0 to 16949 [ 956.814417][T23876] EXT4-fs (loop5): bad geometry: first data block 192 is beyond end of filesystem (64) 10:15:17 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4c, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:18 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xc08e, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300087e000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:18 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002500000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000003ce0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:18 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x68, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:18 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700040000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008fe000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 957.537677][T23890] loop2: detected capacity change from 0 to 1 [ 957.549003][T23896] loop5: detected capacity change from 0 to 16949 [ 957.576669][T23896] EXT4-fs (loop5): bad geometry: first data block 206 is beyond end of filesystem (64) 10:15:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000804020000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffffffda0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:18 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6c, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800030000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 957.634710][T23890] loop2: detected capacity change from 0 to 1 [ 957.671271][T23908] loop5: detected capacity change from 0 to 16949 10:15:18 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 957.692998][T23908] EXT4-fs (loop5): bad geometry: first data block 218 is beyond end of filesystem (64) [ 957.792710][T23916] loop2: detected capacity change from 0 to 1 [ 957.891185][T23916] loop2: detected capacity change from 0 to 1 10:15:19 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x40000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000880030000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:19 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffffffe20000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:19 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x74, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:19 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:19 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700050000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000802040000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000806040000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 958.430830][T23921] loop2: detected capacity change from 0 to 1 [ 958.440179][T23923] loop5: detected capacity change from 0 to 16949 [ 958.467023][T23923] EXT4-fs (loop5): bad geometry: first data block 226 is beyond end of filesystem (64) 10:15:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800050000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:19 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffffff00000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 958.522499][T23921] loop2: detected capacity change from 0 to 1 10:15:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000804060000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:19 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac003f00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 958.570726][T23942] loop5: detected capacity change from 0 to 16949 [ 958.591658][T23942] EXT4-fs (loop5): bad geometry: first data block 240 is beyond end of filesystem (64) [ 958.679097][T23946] loop2: detected capacity change from 0 to 1 [ 958.772876][T23946] loop2: detected capacity change from 0 to 1 10:15:19 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7a, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800180000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:19 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffffff60000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:19 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x200000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:19 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac004000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:19 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700060000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800200000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800260000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 959.313261][T23949] loop2: detected capacity change from 0 to 1 [ 959.325478][T23957] loop5: detected capacity change from 0 to 16949 [ 959.351616][T23957] EXT4-fs (loop5): bad geometry: first data block 246 is beyond end of filesystem (64) 10:15:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000001f80000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008003f0000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800400000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 959.422461][T23949] loop2: detected capacity change from 0 to 1 [ 959.454347][T23970] loop5: detected capacity change from 0 to 16949 10:15:20 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfe, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800730000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:20 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac004800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 959.487394][T23970] EXT4-fs (loop5): bad geometry: first data block 248 is beyond end of filesystem (64) [ 959.606243][T23980] loop2: detected capacity change from 0 to 1 [ 959.702495][T23980] loop2: detected capacity change from 0 to 1 10:15:20 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x1000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffffdf90000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008007e0000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:20 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x17b, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:20 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac004a00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:20 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700080000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000803800000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008fffe0000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 960.208769][T23987] loop2: detected capacity change from 0 to 1 [ 960.214637][T23991] loop5: detected capacity change from 0 to 16949 [ 960.235989][T23991] EXT4-fs (loop5): bad geometry: first data block 249 is beyond end of filesystem (64) 10:15:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffffffb0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008feff0000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 960.322004][T23987] loop2: detected capacity change from 0 to 1 [ 960.329128][T24002] loop5: detected capacity change from 0 to 16949 10:15:20 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac004c00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 960.371635][T24002] EXT4-fs (loop5): bad geometry: first data block 251 is beyond end of filesystem (64) 10:15:21 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1a1, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 960.415369][T24006] loop2: detected capacity change from 0 to 1 [ 960.491746][T24006] loop2: detected capacity change from 0 to 1 10:15:21 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x2000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000800000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:21 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffffdfd0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:21 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x204, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:21 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac006000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:21 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07000c0000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000840000800000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 961.094218][T24020] loop5: detected capacity change from 0 to 16949 [ 961.096801][T24021] loop2: detected capacity change from 0 to 1 [ 961.126886][T24020] EXT4-fs (loop5): bad geometry: first data block 253 is beyond end of filesystem (64) 10:15:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800002000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:21 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffffffe0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 961.160507][T24027] loop3: detected capacity change from 0 to 1 [ 961.192183][T24021] loop2: detected capacity change from 0 to 1 10:15:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000001000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:21 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac006800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 961.213340][T24032] loop5: detected capacity change from 0 to 16949 [ 961.213559][T24027] loop3: detected capacity change from 0 to 1 [ 961.226089][T24032] EXT4-fs (loop5): bad geometry: first data block 254 is beyond end of filesystem (64) 10:15:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000002000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 961.297061][T24038] loop2: detected capacity change from 0 to 1 [ 961.431951][T24038] loop2: detected capacity change from 0 to 1 10:15:22 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x3000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:22 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x300, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000402000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:22 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000fff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:22 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac006c00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:22 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700100000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000003000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 961.973184][T24045] loop2: detected capacity change from 0 to 1 [ 961.981097][T24043] loop5: detected capacity change from 0 to 16949 [ 962.002015][T24043] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000004000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:22 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffffefff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 962.038293][T24055] loop3: detected capacity change from 0 to 1 10:15:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000005000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 962.085032][T24045] loop2: detected capacity change from 0 to 1 [ 962.097391][T24060] loop5: detected capacity change from 0 to 16949 [ 962.110073][T24061] loop3: detected capacity change from 0 to 1 10:15:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000406000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 962.129668][T24060] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000008000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:23 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x4000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:23 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffffbff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:23 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac007400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:23 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x402, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000018000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:23 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700260000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000026000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000003f000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 962.870911][T24072] loop2: detected capacity change from 0 to 1 [ 962.871167][T24073] loop5: detected capacity change from 0 to 16949 [ 962.886524][T24075] loop3: detected capacity change from 0 to 2 [ 962.903889][T24073] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:23 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0003ffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000040000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800080040000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 962.982702][T24089] loop3: detected capacity change from 0 to 2 [ 962.989536][T24072] loop2: detected capacity change from 0 to 1 [ 963.002859][T24092] loop5: detected capacity change from 0 to 16949 [ 963.018952][T24092] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000073000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:24 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x7000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:24 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac007a00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:24 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x406, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:24 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001fffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000007e000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:24 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700710000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000380000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008fffffff6000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 963.732222][T24110] loop2: detected capacity change from 0 to 1 [ 963.749223][T24106] loop5: detected capacity change from 0 to 16949 [ 963.763176][T24106] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008fffffffe000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:24 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00e0ffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 963.798774][T24117] loop3: detected capacity change from 0 to 2 [ 963.811749][T24110] loop2: detected capacity change from 0 to 1 10:15:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008f6ffffff000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:24 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac017b00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 963.875584][T24123] loop5: detected capacity change from 0 to 16949 [ 963.876598][T24117] loop3: detected capacity change from 0 to 2 [ 963.889882][T24123] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) [ 963.979440][T24127] loop2: detected capacity change from 0 to 1 [ 964.119535][T24127] loop2: detected capacity change from 0 to 1 10:15:25 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x8000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008feffffff000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:25 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fffefffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:25 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x500, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:25 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac008900000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:25 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07007e0000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000034000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 964.589617][T24132] loop5: detected capacity change from 0 to 16949 [ 964.602600][T24136] loop2: detected capacity change from 0 to 1 10:15:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000044000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:25 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffffbffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000064000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 964.632303][T24132] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) [ 964.665664][T24144] loop3: detected capacity change from 0 to 2 [ 964.675678][T24136] loop2: detected capacity change from 0 to 1 10:15:25 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac009000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000074000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 964.709353][T24144] loop3: detected capacity change from 0 to 2 [ 964.724583][T24149] loop5: detected capacity change from 0 to 16949 [ 964.747559][T24149] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) [ 964.769512][T24153] loop2: detected capacity change from 0 to 1 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800020000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x600, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:26 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ff9fdffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:26 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac039000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x10000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:26 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700040200000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800030000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800040000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 965.486987][T24166] loop5: detected capacity change from 0 to 16949 [ 965.497652][T24168] loop2: detected capacity change from 0 to 1 [ 965.510131][T24167] loop3: detected capacity change from 0 to 3 [ 965.517156][T24166] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800050000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffdfdffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 965.577272][T24173] loop3: detected capacity change from 0 to 3 [ 965.585126][T24168] loop2: detected capacity change from 0 to 1 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800080000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800180000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0e9300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x604, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 965.619656][T24179] loop5: detected capacity change from 0 to 16949 [ 965.659161][T24179] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800260000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 965.706446][T24184] loop2: detected capacity change from 0 to 1 [ 965.728286][T24187] loop3: detected capacity change from 0 to 3 [ 965.776549][T24191] loop3: detected capacity change from 0 to 3 [ 965.813017][T24184] loop2: detected capacity change from 0 to 1 10:15:26 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x40000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:26 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f7fffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800730000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x700, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:26 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac029400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000300000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008007e0000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800fe0000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 966.351076][T24202] loop2: detected capacity change from 0 to 1 [ 966.355161][T24204] loop5: detected capacity change from 0 to 16949 10:15:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800040200000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 966.408805][T24204] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) [ 966.421889][T24202] loop2: detected capacity change from 0 to 1 [ 966.426556][T24198] loop3: detected capacity change from 0 to 3 10:15:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000300000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:27 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f85ffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:27 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0e9400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 966.490082][T24214] loop3: detected capacity change from 0 to 3 [ 966.534663][T24219] loop5: detected capacity change from 0 to 16949 [ 966.535508][T24220] loop2: detected capacity change from 0 to 1 [ 966.547302][T24219] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) [ 966.641599][T24220] loop2: detected capacity change from 0 to 1 10:15:27 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xc00e0000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:27 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x900, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800800300000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:27 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f8cffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:27 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0e9500000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:27 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700020400000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800020400000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 967.224805][T24227] loop5: detected capacity change from 0 to 16949 [ 967.240838][T24232] loop2: detected capacity change from 0 to 1 [ 967.248070][T24227] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800060400000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:27 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fdaffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 967.277689][T24235] loop3: detected capacity change from 0 to 4 10:15:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000500000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 967.338277][T24235] loop3: detected capacity change from 0 to 4 [ 967.346970][T24242] loop5: detected capacity change from 0 to 16949 [ 967.355123][T24232] loop2: detected capacity change from 0 to 1 [ 967.368841][T24242] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:28 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000fe2ffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800040600000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 967.438488][T24246] loop5: detected capacity change from 0 to 16949 [ 967.456791][T24246] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:28 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xc08e0000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:28 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:28 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0e9600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800001800000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:28 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ff0ffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:28 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700060400000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800002000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800002600000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 968.118485][T24255] loop2: detected capacity change from 0 to 1 [ 968.127071][T24258] loop5: detected capacity change from 0 to 16949 [ 968.144836][T24259] loop3: detected capacity change from 0 to 5 [ 968.155812][T24258] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800003f00000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:28 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ff6ffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800004000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800007300000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 968.237071][T24271] loop5: detected capacity change from 0 to 16949 [ 968.246286][T24255] loop2: detected capacity change from 0 to 1 [ 968.255986][T24271] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) [ 968.265912][T24273] loop3: detected capacity change from 0 to 5 10:15:29 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xffffff7f, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800007e00000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:29 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffbffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:29 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xb00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:29 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0e9700000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:29 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000500000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800038000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 969.008796][T24282] loop2: detected capacity change from 0 to 1 [ 969.012218][T24284] loop5: detected capacity change from 0 to 16949 [ 969.038825][T24279] loop3: detected capacity change from 0 to 5 [ 969.045235][T24284] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800fffe00000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800feff00000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 969.091661][T24282] loop2: detected capacity change from 0 to 1 10:15:29 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000ffeffffff0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:29 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0e9800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 969.140826][T24296] loop3: detected capacity change from 0 to 5 [ 969.156041][T24298] loop5: detected capacity change from 0 to 16949 [ 969.177060][T24298] EXT4-fs (loop5): bad geometry: first data block 255 is beyond end of filesystem (64) 10:15:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000008000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 969.196875][T24302] loop2: detected capacity change from 0 to 1 10:15:30 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x4000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800400008000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:30 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xc00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:30 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000300000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:30 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac01a100000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:30 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000600000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000020000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 969.895447][T24312] loop2: detected capacity change from 0 to 1 [ 969.903357][T24316] loop5: detected capacity change from 0 to 16949 [ 969.916005][T24316] EXT4-fs (loop5): bad block size 8192 10:15:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000010000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:30 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000400000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 969.947047][T24307] loop3: detected capacity change from 0 to 6 [ 969.983142][T24312] loop2: detected capacity change from 0 to 1 10:15:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000020000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:30 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00c000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000004020000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 970.010279][T24324] loop5: detected capacity change from 0 to 16949 [ 970.021543][T24326] loop3: detected capacity change from 0 to 6 [ 970.027819][T24324] EXT4-fs (loop5): bad block size 16384 [ 970.138323][T24332] loop2: detected capacity change from 0 to 1 [ 970.241903][T24332] loop2: detected capacity change from 0 to 1 10:15:31 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x20000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:31 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xd00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000030000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:31 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000500000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:31 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac11d200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:31 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700040600000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000040000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 970.782962][T24339] loop2: detected capacity change from 0 to 1 [ 970.806771][T24342] loop5: detected capacity change from 0 to 16949 10:15:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000050000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 970.837617][T24342] EXT4-fs (loop5): bad block size 32768 [ 970.844298][T24350] loop3: detected capacity change from 0 to 6 10:15:31 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000600000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000004060000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 970.885346][T24339] loop2: detected capacity change from 0 to 1 [ 970.894008][T24354] loop3: detected capacity change from 0 to 6 10:15:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000080000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:31 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00ec00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 970.928796][T24359] loop5: detected capacity change from 0 to 16949 [ 970.959535][T24359] EXT4-fs (loop5): bad block size 65536 [ 971.038778][T24363] loop2: detected capacity change from 0 to 1 [ 971.152105][T24363] loop2: detected capacity change from 0 to 1 10:15:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000180000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:32 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xe00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000700000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:32 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x100000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:32 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac01f800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:32 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000c00000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000260000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 971.688516][T24373] loop5: detected capacity change from 0 to 16949 [ 971.695474][T24374] loop2: detected capacity change from 0 to 1 [ 971.714935][T24373] EXT4-fs (loop5): Invalid log block size: 7 [ 971.727660][T24366] loop3: detected capacity change from 0 to 7 10:15:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000800000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000003f0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000400000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 971.796105][T24381] loop3: detected capacity change from 0 to 7 [ 971.807836][T24383] loop5: detected capacity change from 0 to 16949 [ 971.818103][T24374] loop2: detected capacity change from 0 to 1 [ 971.830820][T24383] EXT4-fs (loop5): Invalid log block size: 8 10:15:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000800400000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:32 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1100, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000900000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:32 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0fff00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 971.913447][T24392] loop5: detected capacity change from 0 to 16949 [ 971.931274][T24392] EXT4-fs (loop5): Invalid log block size: 9 [ 971.941840][T24393] loop3: detected capacity change from 0 to 8 [ 972.004506][T24395] loop3: detected capacity change from 0 to 8 [ 972.036513][T24397] loop2: detected capacity change from 0 to 1 [ 972.091997][T24397] loop2: detected capacity change from 0 to 1 10:15:33 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x200000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000730000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:33 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000a00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:33 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1200, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:33 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000004000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:33 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700081000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000007e0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000003800000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 972.573733][T24404] loop2: detected capacity change from 0 to 1 [ 972.589218][T24408] loop5: detected capacity change from 0 to 16949 10:15:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800fffffff60000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 972.624756][T24401] loop3: detected capacity change from 0 to 9 [ 972.632024][T24408] EXT4-fs (loop5): Invalid log block size: 10 [ 972.641546][T24404] loop2: p1 p2 p3 p4 [ 972.645722][T24404] loop2: p1 start 10 is beyond EOD, truncated [ 972.651820][T24404] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 972.668476][T24404] loop2: p3 start 225 is beyond EOD, truncated [ 972.674690][T24404] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 972.685686][T24419] loop3: detected capacity change from 0 to 9 10:15:33 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000b00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800fffffffe0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 972.724879][T24404] loop2: detected capacity change from 0 to 1 [ 972.741895][T24421] loop5: detected capacity change from 0 to 16949 [ 972.760931][ T380] loop2: p1 p2 p3 p4 [ 972.765136][ T380] loop2: p1 start 10 is beyond EOD, truncated 10:15:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800f6ffffff0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 972.766199][T24421] EXT4-fs (loop5): Invalid log block size: 11 [ 972.771297][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 972.830330][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 972.836539][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 972.861414][T24404] loop2: p1 p2 p3 p4 [ 972.868136][T24404] loop2: p1 start 10 is beyond EOD, truncated [ 972.874268][T24404] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 972.881880][T24404] loop2: p3 start 225 is beyond EOD, truncated [ 972.888047][T24404] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:34 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x2000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:34 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000c00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800feffffff0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:34 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x300000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:34 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000008000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:34 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700002000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000200000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 973.460956][T24434] loop2: detected capacity change from 0 to 1 [ 973.467603][T24435] loop5: detected capacity change from 0 to 16949 [ 973.487619][T24436] loop3: detected capacity change from 0 to 16 10:15:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000300000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 973.510769][T24434] loop2: p1 p2 p3 p4 [ 973.511622][T24435] EXT4-fs (loop5): Invalid log block size: 12 [ 973.514989][T24434] loop2: p1 start 10 is beyond EOD, truncated [ 973.527025][T24434] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 973.540773][T24434] loop2: p3 start 225 is beyond EOD, truncated [ 973.546972][T24434] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000400000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 973.577433][T24445] loop3: detected capacity change from 0 to 16 [ 973.602650][T24434] loop2: detected capacity change from 0 to 1 10:15:34 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000d00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000500000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:34 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x3f00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 973.630770][ T380] loop2: p1 p2 p3 p4 [ 973.635715][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 973.641877][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 973.655890][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 973.662105][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 973.674081][T24449] loop5: detected capacity change from 0 to 16949 [ 973.691937][T24434] loop2: p1 p2 p3 p4 [ 973.695062][T24449] EXT4-fs (loop5): Invalid log block size: 13 [ 973.696069][T24434] loop2: p1 start 10 is beyond EOD, truncated [ 973.708245][T24434] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 973.722570][T24451] loop3: detected capacity change from 0 to 31 [ 973.731068][T24434] loop2: p3 start 225 is beyond EOD, truncated 10:15:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000800000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:34 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac400008000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 973.737333][T24434] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 973.800824][T24457] loop3: detected capacity change from 0 to 31 [ 973.826765][T24459] loop2: detected capacity change from 0 to 1 [ 973.871073][ T380] loop2: p1 p2 p3 p4 [ 973.875261][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 973.881342][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 973.891507][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 973.897672][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 973.911596][T24459] loop2: p1 p2 p3 p4 [ 973.915716][T24459] loop2: p1 start 10 is beyond EOD, truncated [ 973.921988][T24459] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 973.929740][T24459] loop2: p3 start 225 is beyond EOD, truncated [ 973.936037][T24459] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 974.001992][T24459] loop2: detected capacity change from 0 to 1 [ 974.050928][T24459] loop2: p1 p2 p3 p4 [ 974.055012][T24459] loop2: p1 start 10 is beyond EOD, truncated [ 974.061107][T24459] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 974.081128][T24459] loop2: p3 start 225 is beyond EOD, truncated [ 974.087336][T24459] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 974.161524][ T380] loop2: p1 p2 p3 p4 [ 974.165654][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 974.171787][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 974.179229][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 974.185455][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:34 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x400000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800001800000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:34 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000e00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:34 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:34 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700002600000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:34 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000010000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800002600000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 974.342742][T24468] loop2: detected capacity change from 0 to 1 [ 974.346603][T24463] loop3: detected capacity change from 0 to 32 [ 974.357832][T24470] loop5: detected capacity change from 0 to 16949 [ 974.380162][T24470] EXT4-fs (loop5): Invalid log block size: 14 10:15:35 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000f00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 974.410882][T24468] loop2: p1 p2 p3 p4 [ 974.417370][T24468] loop2: p1 start 10 is beyond EOD, truncated [ 974.423662][T24468] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800007300000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800007e00000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 974.463894][T24468] loop2: p3 start 225 is beyond EOD, truncated [ 974.466082][T24477] loop3: detected capacity change from 0 to 32 [ 974.470128][T24468] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 974.489600][T24479] loop5: detected capacity change from 0 to 16949 [ 974.505608][T24479] EXT4-fs (loop5): Invalid log block size: 15 10:15:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000fe00000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:35 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4800, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 974.584199][T24468] loop2: detected capacity change from 0 to 1 [ 974.617570][T24487] loop3: detected capacity change from 0 to 36 [ 974.645191][ T380] loop2: p1 p2 p3 p4 [ 974.649307][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 974.655596][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 974.663349][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 974.669595][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 974.674850][T24489] loop3: detected capacity change from 0 to 36 [ 974.687045][T24468] loop2: p1 p2 p3 p4 [ 974.691477][T24468] loop2: p1 start 10 is beyond EOD, truncated [ 974.697608][T24468] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 974.705293][T24468] loop2: p3 start 225 is beyond EOD, truncated [ 974.711506][T24468] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 974.771406][ T380] loop2: p1 p2 p3 p4 [ 974.775814][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 974.781928][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 974.795308][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 974.801593][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:35 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x700000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000402000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:35 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000001000000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:35 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4c00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:35 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000020000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:35 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700003f00000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000003000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 975.226786][T24494] loop5: detected capacity change from 0 to 16949 [ 975.235102][T24498] loop2: detected capacity change from 0 to 1 [ 975.263192][T24494] EXT4-fs (loop5): Invalid log block size: 16 10:15:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800008003000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 975.286673][T24493] loop3: detected capacity change from 0 to 38 [ 975.310821][T24498] loop2: p1 p2 p3 p4 [ 975.314975][T24498] loop2: p1 start 10 is beyond EOD, truncated [ 975.321060][T24498] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:35 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000001100000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000204000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 975.350815][T24507] loop3: detected capacity change from 0 to 38 [ 975.351196][T24498] loop2: p3 start 225 is beyond EOD, truncated [ 975.363448][T24498] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 975.387568][T24511] loop5: detected capacity change from 0 to 16949 10:15:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000604000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:36 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x60ff, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 975.424581][T24511] EXT4-fs (loop5): Invalid log block size: 17 [ 975.445355][T24498] loop2: detected capacity change from 0 to 1 [ 975.501097][T24498] loop2: p1 p2 p3 p4 [ 975.505200][T24498] loop2: p1 start 10 is beyond EOD, truncated [ 975.511666][T24498] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 975.532510][T24498] loop2: p3 start 225 is beyond EOD, truncated [ 975.538714][T24498] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 975.538971][T24517] loop3: detected capacity change from 0 to 48 [ 975.601415][ T380] loop2: p1 p2 p3 p4 [ 975.605500][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 975.611598][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 975.619924][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 975.626145][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 975.645401][T24519] loop3: detected capacity change from 0 to 48 10:15:36 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x800000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000005000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000001200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:36 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000090000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:36 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6800, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:36 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700004000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 976.098836][T24523] loop2: detected capacity change from 0 to 1 [ 976.111210][T24530] loop5: detected capacity change from 0 to 16949 [ 976.130571][T24530] EXT4-fs (loop5): Invalid log block size: 18 10:15:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000406000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 976.144946][T24529] loop3: detected capacity change from 0 to 52 10:15:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000018000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000001300000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 976.171321][T24523] loop2: p1 p2 p3 p4 [ 976.175474][T24523] loop2: p1 start 10 is beyond EOD, truncated [ 976.181632][T24523] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 976.200592][T24523] loop2: p3 start 225 is beyond EOD, truncated [ 976.206789][T24523] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000020000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000026000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 976.224207][T24540] loop5: detected capacity change from 0 to 16949 [ 976.234834][T24540] EXT4-fs (loop5): Invalid log block size: 19 [ 976.245901][T24541] loop3: detected capacity change from 0 to 52 [ 976.262806][T24523] loop2: detected capacity change from 0 to 1 10:15:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000001400000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 976.311304][ T380] loop2: p1 p2 p3 p4 [ 976.316688][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 976.322800][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 976.337401][T24547] loop5: detected capacity change from 0 to 16949 [ 976.338164][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 976.350028][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 976.353471][T24547] EXT4-fs (loop5): Invalid log block size: 20 [ 976.364900][ T380] loop2: p1 p2 p3 p4 [ 976.369012][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 976.375124][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 976.396484][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 976.402715][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 976.415030][T24523] loop2: p1 p2 p3 p4 [ 976.419097][T24523] loop2: p1 start 10 is beyond EOD, truncated [ 976.425186][T24523] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 976.433505][T24523] loop2: p3 start 225 is beyond EOD, truncated [ 976.439676][T24523] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 976.511449][ T380] loop2: p1 p2 p3 p4 [ 976.516253][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 976.522394][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 976.530214][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 976.536434][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:37 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x1000000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000003f000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:37 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6c00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:37 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000211a00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:37 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000c0000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:37 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700007100000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000040000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 977.006800][T24560] loop2: detected capacity change from 0 to 1 [ 977.006816][T24551] loop5: detected capacity change from 0 to 16949 [ 977.019626][T24551] EXT4-fs (loop5): Invalid log block size: 26 [ 977.036837][T24557] loop3: detected capacity change from 0 to 54 10:15:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000073000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 977.060830][T24560] loop2: p1 p2 p3 p4 [ 977.064922][T24560] loop2: p1 start 10 is beyond EOD, truncated [ 977.071018][T24560] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 977.097976][T24560] loop2: p3 start 225 is beyond EOD, truncated [ 977.104188][T24560] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:37 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000002000000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 977.115221][T24565] loop3: detected capacity change from 0 to 54 [ 977.138359][T24569] loop5: detected capacity change from 0 to 16949 10:15:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000007e000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 977.163469][T24560] loop2: detected capacity change from 0 to 1 [ 977.176478][T24569] EXT4-fs (loop5): Invalid log block size: 32 [ 977.200868][T24560] loop2: p1 p2 p3 p4 [ 977.206518][T24560] loop2: p1 start 10 is beyond EOD, truncated 10:15:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000380000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:37 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000002e00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 977.212651][T24560] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 977.256971][T24560] loop2: p3 start 225 is beyond EOD, truncated [ 977.263177][T24560] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 977.273529][T24575] loop5: detected capacity change from 0 to 16949 [ 977.282616][T24575] EXT4-fs (loop5): Invalid log block size: 46 [ 977.320785][ T380] loop2: p1 p2 p3 p4 [ 977.324901][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 977.331008][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 977.338995][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 977.345176][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:38 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x4000000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:38 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7400, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000fffe000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:38 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffe0000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:38 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000423300000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:38 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700007e00000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000feff000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 977.865381][T24583] loop2: detected capacity change from 0 to 1 [ 977.876676][T24585] loop5: detected capacity change from 0 to 16949 [ 977.900902][T24585] EXT4-fs (loop5): Invalid log block size: 51 10:15:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000080000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 977.916735][T24580] loop3: detected capacity change from 0 to 58 10:15:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800004000080000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:38 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000423500000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 977.979013][T24583] loop2: detected capacity change from 0 to 1 [ 977.995796][T24595] loop3: detected capacity change from 0 to 58 10:15:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000200000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:38 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000010063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 978.020242][T24599] loop5: detected capacity change from 0 to 16949 [ 978.062625][T24599] EXT4-fs (loop5): Invalid log block size: 53 [ 978.099110][T24603] loop2: detected capacity change from 0 to 1 [ 978.151064][T24603] loop2: p1 p2 p3 p4 [ 978.155188][T24603] loop2: p1 start 10 is beyond EOD, truncated [ 978.161291][T24603] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 978.180890][T24603] loop2: p3 start 225 is beyond EOD, truncated [ 978.187093][T24603] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 978.232959][T24603] loop2: detected capacity change from 0 to 1 [ 978.260877][T24603] loop2: p1 p2 p3 p4 [ 978.264989][T24603] loop2: p1 start 10 is beyond EOD, truncated [ 978.271076][T24603] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 978.286868][T24603] loop2: p3 start 225 is beyond EOD, truncated [ 978.293081][T24603] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 978.353146][ T380] loop2: p1 p2 p3 p4 [ 978.361726][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 978.367918][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 978.375367][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 978.381653][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:39 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x8000000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:39 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7a00, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000100024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000003f00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:39 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000020063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:39 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700088000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000200024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 978.756289][T24610] loop2: detected capacity change from 0 to 1 [ 978.777914][T24608] loop5: detected capacity change from 0 to 16949 [ 978.795301][T24608] EXT4-fs (loop5): Invalid log block size: 63 [ 978.802170][T24610] loop2: p1 p2 p3 p4 10:15:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000040200024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 978.809752][T24616] loop3: detected capacity change from 0 to 61 [ 978.810640][T24610] loop2: p1 start 10 is beyond EOD, truncated [ 978.822085][T24610] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000000ffffffff00000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000300024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 978.859878][T24610] loop2: p3 start 225 is beyond EOD, truncated [ 978.866347][T24610] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 978.882659][T24623] loop3: detected capacity change from 0 to 61 [ 978.932703][T24627] loop5: detected capacity change from 0 to 16949 [ 978.941949][T24610] loop2: detected capacity change from 0 to 1 10:15:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000400024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 978.979596][T24627] EXT4-fs (loop5): Invalid log block size: 255 [ 978.989980][T24610] loop2: p1 p2 p3 p4 [ 978.994318][T24610] loop2: p1 start 10 is beyond EOD, truncated [ 979.000575][T24610] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 979.021206][T24610] loop2: p3 start 225 is beyond EOD, truncated 10:15:39 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7b01, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 979.027403][T24610] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 979.079727][T24631] loop3: detected capacity change from 0 to 61 [ 979.111545][ T380] loop2: p1 p2 p3 p4 [ 979.115735][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 979.121832][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 979.130109][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 979.136310][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 979.143810][T24633] loop3: detected capacity change from 0 to 61 10:15:40 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xc00e000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000500024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:40 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000200000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:40 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000004020063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:40 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa101, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:40 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700fdef00000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000040600024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 979.625210][T24639] loop2: detected capacity change from 0 to 1 [ 979.636191][T24645] loop5: detected capacity change from 0 to 16949 [ 979.674658][T24645] EXT4-fs mount: 23 callbacks suppressed [ 979.674671][T24645] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 979.700168][T24651] loop3: detected capacity change from 0 to 80 [ 979.710749][T24639] loop2: p1 p2 p3 p4 [ 979.716127][T24639] loop2: p1 start 10 is beyond EOD, truncated [ 979.722246][T24639] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000800024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:40 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000300000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 979.755029][T24639] loop2: p3 start 225 is beyond EOD, truncated [ 979.761248][T24639] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 979.776185][T24654] loop3: detected capacity change from 0 to 80 10:15:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000001800024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 979.822617][T24639] loop2: detected capacity change from 0 to 1 [ 979.839565][T24659] loop5: detected capacity change from 0 to 16949 [ 979.850871][ T380] loop2: p1 p2 p3 p4 [ 979.855128][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 979.861213][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000002600024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:40 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfeff, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 979.875867][T24659] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 979.894710][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 979.900921][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 979.923301][T24639] loop2: p1 p2 p3 p4 [ 979.927568][T24639] loop2: p1 start 10 is beyond EOD, truncated [ 979.933680][T24639] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 979.961424][T24666] loop3: detected capacity change from 0 to 127 [ 979.970423][T24639] loop2: p3 start 225 is beyond EOD, truncated [ 979.976636][T24639] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 980.044762][ T380] loop2: p1 p2 p3 p4 [ 980.053890][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 980.060058][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 980.071227][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 980.077417][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 980.087428][T24668] loop3: detected capacity change from 0 to 127 10:15:41 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xc08e000000000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000003f00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000400000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:41 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000030063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:41 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfffe, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:41 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700effd00000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000004000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 980.517551][T24676] loop2: detected capacity change from 0 to 1 [ 980.537320][T24682] loop5: detected capacity change from 0 to 16949 [ 980.560956][T24676] loop2: p1 p2 p3 p4 [ 980.565126][T24676] loop2: p1 start 10 is beyond EOD, truncated [ 980.571218][T24676] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 980.586060][T24686] loop3: detected capacity change from 0 to 127 [ 980.596296][T24682] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 980.600883][T24676] loop2: p3 start 225 is beyond EOD, truncated 10:15:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000008004000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000500000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000007300024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 980.613001][T24676] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000007e00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 980.665716][T24676] loop2: detected capacity change from 0 to 1 [ 980.685155][T24686] loop3: detected capacity change from 0 to 127 [ 980.693514][T24694] loop5: detected capacity change from 0 to 16949 [ 980.727293][T24694] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 980.740861][T24676] loop2: p1 p2 p3 p4 [ 980.745098][T24676] loop2: p1 start 10 is beyond EOD, truncated [ 980.751272][T24676] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000038000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 980.773158][T24676] loop2: p3 start 225 is beyond EOD, truncated [ 980.779358][T24676] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 980.892367][ T380] loop2: p1 p2 p3 p4 [ 980.900798][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 980.906885][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 980.918005][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 980.924224][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:41 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xffffff7f00000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000600000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:41 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x80000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000fffffff600024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:41 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000040063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:41 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000020000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000fffffffe00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 981.394952][T24707] loop2: detected capacity change from 0 to 1 [ 981.418396][T24711] loop5: detected capacity change from 0 to 16949 10:15:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000f6ffffff00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 981.451557][T24707] loop2: p1 p2 p3 p4 [ 981.455660][T24707] loop2: p1 start 10 is beyond EOD, truncated [ 981.461881][T24707] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 981.475069][T24711] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 981.486389][T24702] loop3: detected capacity change from 0 to 1024 [ 981.493975][T24707] loop2: p3 start 225 is beyond EOD, truncated 10:15:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000700000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000feffffff00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 981.500158][T24707] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000002000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 981.568643][T24723] loop5: detected capacity change from 0 to 16949 [ 981.582057][T24724] loop3: detected capacity change from 0 to 1024 [ 981.603711][T24707] loop2: detected capacity change from 0 to 1 [ 981.621705][T24723] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 981.640935][T24707] loop2: p1 p2 p3 p4 [ 981.650720][T24707] loop2: p1 start 10 is beyond EOD, truncated [ 981.656811][T24707] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000003000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 981.726403][T24707] loop2: p3 start 225 is beyond EOD, truncated [ 981.732623][T24707] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 981.842658][ T380] loop2: p1 p2 p3 p4 [ 981.846806][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 981.852913][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 981.863061][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 981.869280][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:42 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0xffffffff00000000, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000800000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:42 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x80040, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000004000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:42 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000050063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:42 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07007ffff0000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000005000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 982.289723][T24734] loop2: detected capacity change from 0 to 1 [ 982.302753][T24742] loop5: detected capacity change from 0 to 16949 [ 982.321266][T24742] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 982.350730][T24734] loop2: p1 p2 p3 p4 [ 982.355670][T24734] loop2: p1 start 10 is beyond EOD, truncated [ 982.361765][T24734] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 982.390505][T24732] loop3: detected capacity change from 0 to 1024 10:15:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000900000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000008000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 982.401499][T24734] loop2: p3 start 225 is beyond EOD, truncated [ 982.407766][T24734] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000018000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000026000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 982.477690][T24751] loop5: detected capacity change from 0 to 16949 [ 982.480789][T24752] loop3: detected capacity change from 0 to 1024 [ 982.499713][T24734] loop2: detected capacity change from 0 to 1 [ 982.510431][T24751] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000a00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 982.550628][T24734] loop2: p1 p2 p3 p4 [ 982.554749][T24734] loop2: p1 start 10 is beyond EOD, truncated [ 982.560921][T24734] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 982.590034][T24734] loop2: p3 start 225 is beyond EOD, truncated [ 982.596288][T24734] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 982.627819][T24759] loop5: detected capacity change from 0 to 16949 [ 982.635319][ T380] loop2: p1 p2 p3 p4 [ 982.639478][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 982.645617][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 982.657525][T24759] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 982.668305][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 982.674573][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:43 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:43 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x200020, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000073000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:43 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000060063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000b00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:43 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000010063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 983.158272][T24765] loop2: detected capacity change from 0 to 1 [ 983.166336][T24769] loop5: detected capacity change from 0 to 16949 [ 983.182183][T24769] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 983.193173][T24765] loop2: p1 p2 p3 p4 [ 983.197337][T24765] loop2: p1 start 10 is beyond EOD, truncated 10:15:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000007e000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000c00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000fe000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 983.203500][T24765] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 983.221041][T24765] loop2: p3 start 225 is beyond EOD, truncated [ 983.227241][T24765] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 983.240998][T24776] loop3: detected capacity change from 0 to 4096 10:15:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000004020000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 983.302141][T24784] loop5: detected capacity change from 0 to 16949 [ 983.303375][T24765] loop2: detected capacity change from 0 to 1 [ 983.330753][T24784] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000030000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 983.354268][T24785] loop3: detected capacity change from 0 to 4096 10:15:44 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000004060063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 983.576253][T24794] loop2: detected capacity change from 0 to 1 [ 983.610832][T24794] loop2: p1 p2 p3 p4 [ 983.617261][T24794] loop2: p1 start 10 is beyond EOD, truncated [ 983.623381][T24794] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 983.645048][T24794] loop2: p3 start 225 is beyond EOD, truncated [ 983.651317][T24794] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 983.693181][T24794] loop2: detected capacity change from 0 to 1 [ 983.720889][T24794] loop2: p1 p2 p3 p4 [ 983.725044][T24794] loop2: p1 start 10 is beyond EOD, truncated [ 983.731149][T24794] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 983.738889][T24794] loop2: p3 start 225 is beyond EOD, truncated [ 983.745125][T24794] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 983.791348][ T380] loop2: p1 p2 p3 p4 [ 983.795462][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 983.801551][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 983.808967][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 983.815170][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:44 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x2}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000d00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000080030000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:44 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x400000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:44 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000020063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:44 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000070063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 984.037800][T24803] loop2: detected capacity change from 0 to 1 [ 984.049145][T24802] loop5: detected capacity change from 0 to 16949 10:15:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000002040000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000e00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000006040000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 984.078518][T24805] loop3: detected capacity change from 0 to 8192 [ 984.085292][T24802] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 984.121151][T24803] loop2: p1 p2 p3 p4 [ 984.140805][T24803] loop2: p1 start 10 is beyond EOD, truncated [ 984.146909][T24803] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 984.164717][T24803] loop2: p3 start 225 is beyond EOD, truncated 10:15:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000050000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 984.170968][T24803] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 984.181380][T24817] loop5: detected capacity change from 0 to 16949 [ 984.205206][T24819] loop3: detected capacity change from 0 to 8192 10:15:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000004060000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 984.220094][T24817] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 984.248250][T24803] loop2: detected capacity change from 0 to 1 10:15:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000f00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 984.311636][T24803] loop2: p1 p2 p3 p4 [ 984.315745][T24803] loop2: p1 start 10 is beyond EOD, truncated [ 984.321837][T24803] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 984.352378][T24803] loop2: p3 start 225 is beyond EOD, truncated [ 984.358555][T24803] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 984.389732][T24827] loop5: detected capacity change from 0 to 16949 [ 984.408601][T24827] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 984.453617][ T380] loop2: p1 p2 p3 p4 [ 984.457737][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 984.463850][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 984.471653][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 984.477816][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:45 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xd0ff20, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000180000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001000000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:45 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000080063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:45 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x3}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:45 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000004020063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 984.905552][T24832] loop5: detected capacity change from 0 to 16949 [ 984.913604][T24837] loop2: detected capacity change from 0 to 1 [ 984.941339][T24837] loop2: p1 p2 p3 p4 [ 984.945378][T24837] loop2: p1 start 10 is beyond EOD, truncated 10:15:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000200000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000260000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 984.951515][T24837] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 984.952529][T24839] loop3: detected capacity change from 0 to 26751 [ 984.981084][T24837] loop2: p3 start 225 is beyond EOD, truncated [ 984.987281][T24837] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000003f0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 984.997347][T24832] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 985.008285][T24847] loop3: detected capacity change from 0 to 26751 10:15:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001100000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000400000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:45 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xf0ff1f, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000730000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 985.122875][T24857] loop5: detected capacity change from 0 to 16949 [ 985.131490][T24837] loop2: detected capacity change from 0 to 1 [ 985.153382][T24857] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 985.172276][T24860] loop3: detected capacity change from 0 to 30847 [ 985.180818][T24837] loop2: p1 p2 p3 p4 [ 985.184903][T24837] loop2: p1 start 10 is beyond EOD, truncated [ 985.191068][T24837] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000007e0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001200000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 985.247770][T24837] loop2: p3 start 225 is beyond EOD, truncated [ 985.254136][T24837] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 985.308000][T24867] loop5: detected capacity change from 0 to 16949 [ 985.324947][T24868] loop3: detected capacity change from 0 to 30847 [ 985.327244][ T380] loop2: p1 p2 p3 p4 [ 985.342383][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 985.348499][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 985.351673][T24867] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 985.364304][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 985.372295][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:46 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x4}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000003800000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:46 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000090063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001300000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:46 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:46 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000030063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 985.790122][T24874] loop5: detected capacity change from 0 to 16949 [ 985.803708][T24880] loop2: detected capacity change from 0 to 1 [ 985.812230][T24874] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 985.827299][T24880] loop2: p1 p2 p3 p4 [ 985.833998][T24880] loop2: p1 start 10 is beyond EOD, truncated 10:15:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000fffe0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001800000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000feff0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 985.840078][T24880] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 985.851017][T24880] loop2: p3 start 225 is beyond EOD, truncated [ 985.857222][T24880] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 985.866504][T24886] loop3: detected capacity change from 0 to 32768 [ 985.898643][T24891] loop5: detected capacity change from 0 to 16949 [ 985.913835][T24880] loop2: detected capacity change from 0 to 1 10:15:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000800024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 985.944039][T24891] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 985.954799][ T380] loop2: p1 p2 p3 p4 [ 985.958860][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 985.964947][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 985.981609][T24894] loop3: detected capacity change from 0 to 32768 10:15:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000040000800024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 986.005273][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 986.011574][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f002200000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 986.060573][ T380] loop2: p1 p2 p3 p4 [ 986.065508][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 986.071628][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 986.097467][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 986.103706][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 986.113375][T24880] loop2: p1 p2 p3 p4 [ 986.117445][T24880] loop2: p1 start 10 is beyond EOD, truncated [ 986.123551][T24880] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 986.131276][T24880] loop2: p3 start 225 is beyond EOD, truncated [ 986.137434][T24880] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 986.148352][T24903] loop5: detected capacity change from 0 to 16949 [ 986.167292][T24903] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:47 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x7}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000002000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:47 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x2000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:47 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f002500000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:47 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000000a0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:47 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000040063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000001024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 986.704938][T24912] loop2: detected capacity change from 0 to 1 [ 986.715194][T24916] loop5: detected capacity change from 0 to 16949 [ 986.751110][T24916] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 986.763290][T24921] loop3: detected capacity change from 0 to 65536 [ 986.771023][T24912] loop2: p1 p2 p3 p4 [ 986.775193][T24912] loop2: p1 start 10 is beyond EOD, truncated [ 986.781359][T24912] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:47 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f002e00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000002024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 986.800867][T24912] loop2: p3 start 225 is beyond EOD, truncated [ 986.807098][T24912] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000402024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:47 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f003200000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:47 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000003024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 986.878474][T24929] loop5: detected capacity change from 0 to 16949 [ 986.892188][T24929] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 986.895772][T24921] loop3: detected capacity change from 0 to 65536 [ 986.914784][T24912] loop2: detected capacity change from 0 to 1 [ 986.979764][T24937] loop5: detected capacity change from 0 to 16949 [ 986.986649][ T380] loop2: p1 p2 p3 p4 [ 986.993495][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 986.999589][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 987.007461][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 987.010876][T24937] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 987.013668][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 987.034744][T24912] loop2: p1 p2 p3 p4 [ 987.038761][T24912] loop2: p1 start 10 is beyond EOD, truncated [ 987.044864][T24912] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 987.052797][T24912] loop2: p3 start 225 is beyond EOD, truncated [ 987.058968][T24912] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:48 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x8}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:48 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x2040000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000004024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:48 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f004800000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:48 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000000b0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:48 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000050063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 987.591807][T24945] loop2: detected capacity change from 0 to 1 [ 987.597307][T24948] loop5: detected capacity change from 0 to 16949 [ 987.611134][T24945] loop2: p1 p2 p3 p4 [ 987.615167][T24945] loop2: p1 start 10 is beyond EOD, truncated [ 987.621278][T24945] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000005024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:48 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f004c00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 987.632472][T24948] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 987.645450][T24953] loop3: detected capacity change from 0 to 66048 [ 987.658160][T24945] loop2: p3 start 225 is beyond EOD, truncated [ 987.664388][T24945] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000406024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 987.711791][T24945] loop2: detected capacity change from 0 to 1 [ 987.730518][T24958] loop3: detected capacity change from 0 to 66048 [ 987.738850][T24963] loop5: detected capacity change from 0 to 16949 10:15:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000008024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 987.754113][T24963] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 987.770805][T24945] loop2: p1 p2 p3 p4 [ 987.774880][T24945] loop2: p1 start 10 is beyond EOD, truncated [ 987.780988][T24945] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:48 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006000000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:48 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000018024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 987.806367][T24945] loop2: p3 start 225 is beyond EOD, truncated [ 987.812607][T24945] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 987.890737][T24972] loop5: detected capacity change from 0 to 16949 [ 987.911370][ T380] loop2: p1 p2 p3 p4 [ 987.915408][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 987.921578][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 987.930703][T24972] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 987.942463][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 987.948660][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:49 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x10}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:49 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x3000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000026024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:49 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000000c0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:49 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006800000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:49 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000060063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 988.504158][T24980] loop5: detected capacity change from 0 to 16949 [ 988.512611][T24985] loop2: detected capacity change from 0 to 1 10:15:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000003f024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 988.544740][T24976] loop3: detected capacity change from 0 to 98304 [ 988.561256][T24980] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 988.581020][T24985] loop2: p1 p2 p3 p4 [ 988.585107][T24985] loop2: p1 start 10 is beyond EOD, truncated 10:15:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000040024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 988.591209][T24985] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 988.602476][T24992] loop3: detected capacity change from 0 to 98304 10:15:49 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006c00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 988.641785][T24985] loop2: p3 start 225 is beyond EOD, truncated [ 988.647977][T24985] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000080040024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:49 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 988.750725][T24998] loop5: detected capacity change from 0 to 16949 [ 988.783891][T24985] loop2: detected capacity change from 0 to 1 10:15:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000073024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 988.806430][T24998] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 988.819084][T25002] loop3: detected capacity change from 0 to 131072 [ 988.840709][T24985] loop2: p1 p2 p3 p4 [ 988.844896][T24985] loop2: p1 start 10 is beyond EOD, truncated [ 988.851760][T24985] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 988.874155][T24985] loop2: p3 start 225 is beyond EOD, truncated [ 988.880384][T24985] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 988.971568][ T380] loop2: p1 p2 p3 p4 [ 988.975707][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 988.981849][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 988.990156][T25008] loop3: detected capacity change from 0 to 131072 [ 989.003586][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 989.009743][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:49 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x300}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:49 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f007400000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:49 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000007e024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:49 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000000d0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:49 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000004060063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:49 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x5000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000380024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 989.402450][T25012] loop2: detected capacity change from 0 to 1 [ 989.409112][T25020] loop5: detected capacity change from 0 to 16949 [ 989.436292][T25020] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000fffffff6024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 989.451038][T25025] loop3: detected capacity change from 0 to 163840 [ 989.460842][T25012] loop2: p1 p2 p3 p4 [ 989.464949][T25012] loop2: p1 start 10 is beyond EOD, truncated [ 989.471053][T25012] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 989.492856][T25012] loop2: p3 start 225 is beyond EOD, truncated 10:15:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000fffffffe024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:50 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f007a00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 989.499083][T25012] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000f6ffffff024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000feffffff024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 989.555032][T25034] loop3: detected capacity change from 0 to 163840 [ 989.555045][T25012] loop2: detected capacity change from 0 to 1 [ 989.600165][T25039] loop5: detected capacity change from 0 to 16949 [ 989.620707][T25012] loop2: p1 p2 p3 p4 [ 989.627217][T25012] loop2: p1 start 10 is beyond EOD, truncated [ 989.633321][T25012] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 989.647999][T25012] loop2: p3 start 225 is beyond EOD, truncated [ 989.654275][T25012] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 989.662382][T25039] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 989.684671][ T380] loop2: p1 p2 p3 p4 [ 989.688775][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 989.694953][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 989.702993][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 989.709170][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 989.790244][ T380] loop2: p1 p2 p3 p4 [ 989.794411][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 989.800499][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 989.808240][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 989.814499][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:50 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x700}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000014000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:50 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:50 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00fe00000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:50 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000000e0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:50 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000080063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000020000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 990.269372][T25045] loop5: detected capacity change from 0 to 16949 [ 990.269871][T25049] loop2: detected capacity change from 0 to 1 [ 990.297017][T25045] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 990.308544][T25049] loop2: p1 p2 p3 p4 [ 990.312949][T25049] loop2: p1 start 10 is beyond EOD, truncated 10:15:50 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000030000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 990.319038][T25049] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 990.326921][T25051] loop3: detected capacity change from 0 to 196608 [ 990.340732][T25049] loop2: p3 start 225 is beyond EOD, truncated [ 990.346956][T25049] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006101000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000040000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 990.373386][T25061] loop3: detected capacity change from 0 to 196608 [ 990.402675][T25049] loop2: detected capacity change from 0 to 1 [ 990.450665][ T380] loop2: p1 p2 p3 p4 [ 990.455110][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 990.461210][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 990.479411][T25067] loop5: detected capacity change from 0 to 16949 10:15:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000050000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 990.495323][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 990.501521][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 990.526708][T25067] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 990.545016][T25049] loop2: p1 p2 p3 p4 10:15:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006a01000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 990.557662][T25049] loop2: p1 start 10 is beyond EOD, truncated [ 990.563856][T25049] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 990.582862][T25049] loop2: p3 start 225 is beyond EOD, truncated [ 990.589184][T25049] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 990.628777][T25072] loop5: detected capacity change from 0 to 16949 [ 990.637462][T25072] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 990.651351][ T380] loop2: p1 p2 p3 p4 [ 990.658755][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 990.664927][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 990.681246][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 990.687431][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000080000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:51 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6040000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:51 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000000f0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:51 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0xec0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:51 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000010080063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006b01000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000180000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 991.139303][T25079] loop2: detected capacity change from 0 to 1 [ 991.153197][T25082] loop5: detected capacity change from 0 to 16949 [ 991.183183][T25082] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 991.211156][T25079] loop2: p1 p2 p3 p4 [ 991.216230][T25092] loop3: detected capacity change from 0 to 197120 [ 991.218707][T25079] loop2: p1 start 10 is beyond EOD, truncated 10:15:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000260000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f009201000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 991.228853][T25079] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 991.241429][T25079] loop2: p3 start 225 is beyond EOD, truncated [ 991.247625][T25079] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:51 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000730000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 991.305081][T25092] loop3: detected capacity change from 0 to 197120 [ 991.314670][T25098] loop5: detected capacity change from 0 to 16949 [ 991.353707][T25098] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 991.370242][T25079] loop2: detected capacity change from 0 to 1 10:15:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000007e0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f009301000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 991.440882][T25079] loop2: p1 p2 p3 p4 [ 991.444934][T25079] loop2: p1 start 10 is beyond EOD, truncated [ 991.451022][T25079] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:52 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000fe0000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 991.489041][T25079] loop2: p3 start 225 is beyond EOD, truncated [ 991.495259][T25079] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 991.543784][T25107] loop5: detected capacity change from 0 to 16949 [ 991.563388][T25107] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:52 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000100063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 991.595132][T25109] loop3: detected capacity change from 0 to 229376 [ 991.620910][ T380] loop2: p1 p2 p3 p4 [ 991.625035][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 991.631127][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 991.638936][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 991.645105][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 991.669991][T25113] loop3: detected capacity change from 0 to 229376 [ 991.757546][T25116] loop2: detected capacity change from 0 to 1 [ 991.820760][T25116] loop2: p1 p2 p3 p4 [ 991.824961][T25116] loop2: p1 start 10 is beyond EOD, truncated [ 991.831072][T25116] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 991.838771][T25116] loop2: p3 start 225 is beyond EOD, truncated [ 991.844968][T25116] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 991.893358][T25116] loop2: detected capacity change from 0 to 1 [ 991.930702][T25116] loop2: p1 p2 p3 p4 [ 991.934904][T25116] loop2: p1 start 10 is beyond EOD, truncated [ 991.941061][T25116] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 991.948791][T25116] loop2: p3 start 225 is beyond EOD, truncated [ 991.955026][T25116] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:52 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x2000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000040200024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f009401000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:52 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x8000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:52 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000080080063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:52 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000110063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 992.001464][ T380] loop2: p1 p2 p3 p4 [ 992.005567][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 992.011658][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 992.019113][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 992.025299][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000300024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 992.051302][T25124] loop5: detected capacity change from 0 to 16949 [ 992.081835][T25124] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000800300024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 992.100033][T25131] loop3: detected capacity change from 0 to 262144 [ 992.115307][T25134] loop2: detected capacity change from 0 to 1 10:15:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f009501000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000020400024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 992.160821][ T380] loop2: p1 p2 p3 p4 [ 992.164921][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 992.171016][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 992.183229][T25137] loop3: detected capacity change from 0 to 262144 [ 992.190000][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 992.196251][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:52 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000060400024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 992.229478][ T380] loop2: p1 p2 p3 p4 [ 992.246547][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 992.252693][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 992.262346][T25144] loop5: detected capacity change from 0 to 16949 10:15:52 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x9000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 992.279901][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 992.286158][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 992.297631][T25144] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 992.353323][T25134] loop2: p1 p2 p3 p4 [ 992.357522][T25134] loop2: p1 start 10 is beyond EOD, truncated [ 992.363630][T25134] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 992.373534][T25134] loop2: p3 start 225 is beyond EOD, truncated [ 992.379737][T25134] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 992.403633][T25149] loop3: detected capacity change from 0 to 264192 [ 992.436513][T25134] loop2: detected capacity change from 0 to 1 [ 992.480943][T25151] loop3: detected capacity change from 0 to 264192 10:15:53 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x4000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:53 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00ac01000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000500024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:53 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000120063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:53 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:53 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07000000000c0063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000040600024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 992.918764][T25157] loop2: detected capacity change from 0 to 1 [ 992.930517][T25163] loop5: detected capacity change from 0 to 16949 10:15:53 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00ad01000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000001800024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 992.959871][T25163] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 992.977389][T25169] loop3: detected capacity change from 0 to 264192 10:15:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000002000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000002600024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:53 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000003f00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 993.021085][T25157] loop2: p1 p2 p3 p4 [ 993.025262][T25157] loop2: p1 start 10 is beyond EOD, truncated [ 993.031448][T25157] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 993.040649][T25177] loop5: detected capacity change from 0 to 16949 [ 993.088926][T25175] loop3: detected capacity change from 0 to 264192 [ 993.095930][T25157] loop2: p3 start 225 is beyond EOD, truncated [ 993.102140][T25157] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 993.120774][T25177] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 993.195273][T25157] loop2: detected capacity change from 0 to 1 [ 993.241093][T25157] loop2: p1 p2 p3 p4 [ 993.245237][T25157] loop2: p1 start 10 is beyond EOD, truncated [ 993.251330][T25157] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 993.267739][T25157] loop2: p3 start 225 is beyond EOD, truncated [ 993.273958][T25157] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 993.331348][ T380] loop2: p1 p2 p3 p4 [ 993.335523][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 993.341628][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 993.360879][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 993.367031][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:54 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x8ec0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000004000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:54 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00b201000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:54 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xb000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:54 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000001c0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:54 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000100063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 993.809823][T25188] loop5: detected capacity change from 0 to 16949 [ 993.818189][T25191] loop2: detected capacity change from 0 to 1 [ 993.841400][T25191] loop2: p1 p2 p3 p4 [ 993.845439][T25191] loop2: p1 start 10 is beyond EOD, truncated [ 993.851532][T25191] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000007300024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 993.851981][T25195] loop3: detected capacity change from 0 to 264192 [ 993.859614][T25188] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 993.883028][T25191] loop2: p3 start 225 is beyond EOD, truncated [ 993.889215][T25191] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:54 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00c001000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000007e00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 993.959978][T25204] loop3: detected capacity change from 0 to 264192 [ 993.995181][T25191] loop2: detected capacity change from 0 to 1 [ 994.004863][T25206] loop5: detected capacity change from 0 to 16949 10:15:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000038000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 994.036451][T25206] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 994.070714][T25191] loop2: p1 p2 p3 p4 [ 994.074888][T25191] loop2: p1 start 10 is beyond EOD, truncated 10:15:54 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000fffe00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:54 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xc000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 994.081017][T25191] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 994.105827][T25191] loop2: p3 start 225 is beyond EOD, truncated [ 994.112057][T25191] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 994.145063][T25215] loop3: detected capacity change from 0 to 264192 [ 994.155850][ T380] loop2: p1 p2 p3 p4 [ 994.159886][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 994.166065][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 994.187813][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 994.194084][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 994.232756][T25217] loop3: detected capacity change from 0 to 264192 10:15:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000feff00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:55 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00f801000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:55 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000200063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:55 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xd000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:55 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0xc00e}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:55 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000260063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000034000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 994.709331][T25226] loop2: detected capacity change from 0 to 1 [ 994.717911][T25222] loop5: detected capacity change from 0 to 16949 [ 994.752017][T25229] loop3: detected capacity change from 0 to 264192 [ 994.761582][T25222] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 994.772680][T25226] loop2: p1 p2 p3 p4 [ 994.776841][T25226] loop2: p1 start 10 is beyond EOD, truncated [ 994.782937][T25226] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000044000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 994.799182][T25237] loop3: detected capacity change from 0 to 264192 [ 994.811046][T25226] loop2: p3 start 225 is beyond EOD, truncated [ 994.817230][T25226] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:55 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000402000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000064000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 994.910057][T25242] loop5: detected capacity change from 0 to 16949 [ 994.917651][T25226] loop2: detected capacity change from 0 to 1 [ 994.970775][ T380] loop2: p1 p2 p3 p4 [ 994.974970][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 994.981068][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 994.995564][T25242] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 995.008658][ T380] loop2: p3 start 225 is beyond EOD, truncated 10:15:55 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xe000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000074000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:55 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f003f02000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 995.015069][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 995.034906][T25226] loop2: p1 p2 p3 p4 [ 995.048394][T25226] loop2: p1 start 10 is beyond EOD, truncated [ 995.054514][T25226] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000200024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 995.080205][T25248] loop3: detected capacity change from 0 to 264192 [ 995.097983][T25226] loop2: p3 start 225 is beyond EOD, truncated [ 995.104208][T25226] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 995.119007][T25253] loop5: detected capacity change from 0 to 16949 [ 995.147582][T25253] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 995.165365][ T380] loop2: p1 p2 p3 p4 [ 995.169421][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 995.175561][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 995.183156][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 995.189403][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:55 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000220063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:55 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000300024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 995.310279][T25258] loop3: detected capacity change from 0 to 264192 [ 995.312016][ T380] loop2: p1 p2 p3 p4 [ 995.321912][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 995.327989][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 995.343356][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 995.349576][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 995.457285][T25262] loop2: detected capacity change from 0 to 1 [ 995.490737][T25262] loop2: p1 p2 p3 p4 [ 995.494993][T25262] loop2: p1 start 10 is beyond EOD, truncated [ 995.501085][T25262] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 995.508932][T25262] loop2: p3 start 225 is beyond EOD, truncated [ 995.515122][T25262] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:56 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0xc08e}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:56 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f004d02000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:56 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07000000003f0063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000400024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:56 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x10000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 995.553424][T25262] loop2: detected capacity change from 0 to 1 10:15:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000500024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 995.595679][T25272] loop5: detected capacity change from 0 to 16949 [ 995.610723][T25262] loop2: p1 p2 p3 p4 [ 995.620222][T25262] loop2: p1 start 10 is beyond EOD, truncated [ 995.626324][T25262] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000800024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 995.652574][T25262] loop2: p3 start 225 is beyond EOD, truncated [ 995.658813][T25262] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 995.666598][T25278] loop3: detected capacity change from 0 to 264192 [ 995.673952][T25272] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:56 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f005202000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000001800024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:56 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000250063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000002600024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:56 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000007300024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 995.756937][T25282] loop3: detected capacity change from 0 to 264192 [ 995.764274][ T380] loop2: p1 p2 p3 p4 [ 995.768387][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 995.774624][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 995.785878][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 995.792089][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 995.799048][T25287] loop5: detected capacity change from 0 to 16949 [ 995.836910][T25287] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 995.883533][T25294] loop2: detected capacity change from 0 to 1 [ 995.923453][ T380] loop2: p1 p2 p3 p4 [ 995.927654][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 995.933956][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 995.941838][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 995.948108][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 995.956925][T25294] loop2: p1 p2 p3 p4 [ 995.961107][T25294] loop2: p1 start 10 is beyond EOD, truncated [ 995.967182][T25294] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 995.974949][T25294] loop2: p3 start 225 is beyond EOD, truncated [ 995.981136][T25294] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 996.043374][T25294] loop2: detected capacity change from 0 to 1 [ 996.090771][ T380] loop2: p1 p2 p3 p4 [ 996.095138][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 996.101226][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 996.109069][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 996.115248][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 996.123891][T25294] loop2: p1 p2 p3 p4 [ 996.129721][T25294] loop2: p1 start 10 is beyond EOD, truncated [ 996.135842][T25294] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 996.143769][T25294] loop2: p3 start 225 is beyond EOD, truncated [ 996.149939][T25294] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 996.158928][ T380] loop2: p1 p2 p3 p4 [ 996.163047][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 996.169102][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 996.176966][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 996.183160][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:57 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x40000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:57 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f005302000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000007e00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:57 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x11000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:57 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000260063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:57 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000400063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000fe00024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 996.454145][T25301] loop2: detected capacity change from 0 to 1 [ 996.463021][T25306] loop5: detected capacity change from 0 to 16949 [ 996.484395][T25301] loop2: p1 p2 p3 p4 [ 996.488479][T25301] loop2: p1 start 10 is beyond EOD, truncated [ 996.494553][T25301] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000402024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000003024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 996.514314][T25299] loop3: detected capacity change from 0 to 264192 [ 996.524017][T25301] loop2: p3 start 225 is beyond EOD, truncated [ 996.530202][T25301] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 996.531141][T25306] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 996.572425][T25315] loop3: detected capacity change from 0 to 264192 [ 996.593007][T25301] loop2: detected capacity change from 0 to 1 10:15:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000008003024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:57 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006a02000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 996.650868][T25301] loop2: p1 p2 p3 p4 [ 996.655000][T25301] loop2: p1 start 10 is beyond EOD, truncated [ 996.661082][T25301] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:15:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000204024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 996.699110][T25301] loop2: p3 start 225 is beyond EOD, truncated [ 996.705310][T25301] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 996.760050][T25325] loop5: detected capacity change from 0 to 16949 [ 996.771590][ T380] loop2: p1 p2 p3 p4 [ 996.775788][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 996.781904][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 996.794208][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 996.800386][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 996.808374][T25325] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:57 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x200000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:57 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x12000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000604024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:57 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000002e0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:57 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006b02000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:57 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000710063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:57 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000005024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 997.344102][T25336] loop2: detected capacity change from 0 to 1 [ 997.351908][T25333] loop5: detected capacity change from 0 to 16949 [ 997.377803][T25333] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000406024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 997.406066][T25337] loop3: detected capacity change from 0 to 264192 [ 997.412825][T25336] loop2: p1 p2 p3 p4 [ 997.416961][T25336] loop2: p1 start 10 is beyond EOD, truncated [ 997.423244][T25336] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 997.431465][T25336] loop2: p3 start 225 is beyond EOD, truncated [ 997.437648][T25336] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006c02000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000018024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 997.535627][T25336] loop2: detected capacity change from 0 to 1 [ 997.558934][T25350] loop5: detected capacity change from 0 to 16949 [ 997.571057][T25348] loop3: detected capacity change from 0 to 264192 10:15:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000020024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 997.597091][T25350] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 997.607960][ T380] loop2: p1 p2 p3 p4 [ 997.612371][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 997.618445][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 997.633461][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 997.639721][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f006d02000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 997.648970][T25336] loop2: p1 p2 p3 p4 [ 997.653233][T25336] loop2: p1 start 10 is beyond EOD, truncated [ 997.659364][T25336] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 997.667209][T25336] loop2: p3 start 225 is beyond EOD, truncated [ 997.673465][T25336] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 997.686361][ T380] loop2: p1 p2 p3 p4 [ 997.690510][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 997.696571][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 997.705623][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 997.711813][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 997.741660][T25357] loop5: detected capacity change from 0 to 16949 [ 997.762992][T25357] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:58 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x1000000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000026024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:58 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000003f0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:58 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1ffff000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f009402000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:58 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff07000000007e0063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 998.243257][T25364] loop2: detected capacity change from 0 to 1 [ 998.252642][T25371] loop5: detected capacity change from 0 to 16949 10:15:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f009502000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000003f024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 998.285785][T25371] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 998.300778][T25364] loop2: p1 p2 p3 p4 [ 998.305182][T25364] loop2: p1 start 10 is beyond EOD, truncated [ 998.311291][T25364] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 998.326394][T25364] loop2: p3 start 225 is beyond EOD, truncated 10:15:58 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000040024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 998.332620][T25364] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 998.349727][T25379] loop3: detected capacity change from 0 to 264192 10:15:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000073024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 998.390729][T25364] loop2: detected capacity change from 0 to 1 [ 998.397393][T25384] loop5: detected capacity change from 0 to 16949 [ 998.422477][ T380] loop2: p1 p2 p3 p4 [ 998.428839][ T380] loop2: p1 start 10 is beyond EOD, truncated 10:15:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000007e024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 998.435226][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 998.458416][T25384] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 998.458922][T25379] loop3: detected capacity change from 0 to 264192 [ 998.480246][ T380] loop2: p3 start 225 is beyond EOD, truncated 10:15:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000380024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 998.486461][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 998.512949][ T380] loop2: p1 p2 p3 p4 [ 998.517212][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 998.523329][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 998.530889][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 998.537093][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 998.551713][T25364] loop2: p1 p2 p3 p4 [ 998.555891][T25364] loop2: p1 start 10 is beyond EOD, truncated [ 998.562010][T25364] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 998.574991][T25364] loop2: p3 start 225 is beyond EOD, truncated [ 998.581197][T25364] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:15:59 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x2000000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:15:59 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f009e02000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000fffe024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:59 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x20000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:15:59 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000400063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:59 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000f0ff7f0063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:15:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000feff024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 999.141303][T25398] loop2: detected capacity change from 0 to 1 [ 999.148095][T25401] loop5: detected capacity change from 0 to 16949 [ 999.170885][T25401] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:15:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000002024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:15:59 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000003000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:15:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000003024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 999.212197][T25398] loop2: p1 p2 p3 p4 [ 999.217339][T25398] loop2: p1 start 10 is beyond EOD, truncated [ 999.223472][T25398] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 999.231025][T25398] loop2: p3 start 225 is beyond EOD, truncated [ 999.237263][T25398] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 999.238113][T25410] loop3: detected capacity change from 0 to 264192 10:15:59 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000004024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 999.303065][T25398] loop2: detected capacity change from 0 to 1 [ 999.335489][T25410] loop3: detected capacity change from 0 to 264192 [ 999.336686][ T380] loop2: p1 p2 p3 p4 10:16:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000005024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 999.350118][T25418] loop5: detected capacity change from 0 to 16949 [ 999.350790][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 999.362651][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 999.378153][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 999.384378][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 999.392392][T25418] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 999.440325][ T380] loop2: p1 p2 p3 p4 [ 999.447886][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 999.453985][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 999.470447][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 999.476840][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 999.485478][T25398] loop2: p1 p2 p3 p4 [ 999.489575][T25398] loop2: p1 start 10 is beyond EOD, truncated [ 999.495678][T25398] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 999.503597][T25398] loop2: p3 start 225 is beyond EOD, truncated [ 999.509815][T25398] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:00 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x3000000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:00 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00ce03000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:00 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x20002000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000008024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:00 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000800400063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:00 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700fffffdef0063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000018024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1000.032217][T25435] loop2: detected capacity change from 0 to 1 [ 1000.033255][T25434] loop5: detected capacity change from 0 to 16949 10:16:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000026024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1000.081508][T25434] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1000.088133][T25430] loop3: detected capacity change from 0 to 264192 10:16:00 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000204000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000073024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1000.132217][T25435] loop2: detected capacity change from 0 to 1 10:16:00 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000480063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1000.195100][T25445] loop3: detected capacity change from 0 to 264192 [ 1000.204192][T25447] loop5: detected capacity change from 0 to 16949 10:16:00 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000007e024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1000.249724][T25453] loop2: detected capacity change from 0 to 1 [ 1000.272000][T25447] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1000.290920][T25453] loop2: p1 p2 p3 p4 [ 1000.296339][T25453] loop2: p1 start 10 is beyond EOD, truncated [ 1000.302528][T25453] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1000.321914][T25453] loop2: p3 start 225 is beyond EOD, truncated [ 1000.328275][T25453] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1000.373222][T25453] loop2: detected capacity change from 0 to 1 [ 1000.420820][T25453] loop2: p1 p2 p3 p4 [ 1000.425185][T25453] loop2: p1 start 10 is beyond EOD, truncated [ 1000.431315][T25453] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1000.451026][T25453] loop2: p3 start 225 is beyond EOD, truncated [ 1000.457237][T25453] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1000.595990][ T380] loop2: p1 p2 p3 p4 [ 1000.604951][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1000.611055][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1000.618708][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1000.624896][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:01 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x4000000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:01 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x20ffd000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:01 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000604000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000000000fe024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:01 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700fffffffe0063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:01 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000004a0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000034000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1000.916833][T25463] loop2: detected capacity change from 0 to 1 [ 1000.926544][T25465] loop5: detected capacity change from 0 to 16949 [ 1000.955418][T25465] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000080034000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1000.978671][T25473] loop3: detected capacity change from 0 to 264192 [ 1000.990940][T25463] loop2: p1 p2 p3 p4 [ 1000.995062][T25463] loop2: p1 start 10 is beyond EOD, truncated [ 1001.001229][T25463] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1001.011008][T25463] loop2: p3 start 225 is beyond EOD, truncated [ 1001.017252][T25463] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:01 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001004000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000064000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1001.092558][T25473] loop3: detected capacity change from 0 to 264192 [ 1001.118581][T25463] loop2: detected capacity change from 0 to 1 [ 1001.132870][T25480] loop5: detected capacity change from 0 to 16949 10:16:01 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000074000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1001.172100][T25480] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1001.190807][ T380] loop2: p1 p2 p3 p4 [ 1001.195018][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1001.201276][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1001.222989][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1001.229182][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:01 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000005000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1001.294508][T25463] loop2: p1 p2 p3 p4 [ 1001.298683][T25463] loop2: p1 start 10 is beyond EOD, truncated [ 1001.304964][T25463] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1001.329534][T25463] loop2: p3 start 225 is beyond EOD, truncated [ 1001.335888][T25463] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1001.348039][ T380] loop2: p1 p2 p3 p4 [ 1001.352138][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1001.358209][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1001.367380][T25487] loop5: detected capacity change from 0 to 16949 [ 1001.373093][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1001.379997][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1001.381259][T25487] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:02 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x7000000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000001104000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:02 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x3f000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:02 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000004c0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:02 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000006000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:02 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700effdffff0063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000034000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1001.805740][T25492] loop2: detected capacity change from 0 to 1 [ 1001.813687][T25497] loop5: detected capacity change from 0 to 16949 [ 1001.837000][T25492] loop2: p1 p2 p3 p4 [ 1001.844670][T25492] loop2: p1 start 10 is beyond EOD, truncated 10:16:02 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000406000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000044000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1001.850778][T25492] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1001.858822][T25497] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1001.882892][T25492] loop2: p3 start 225 is beyond EOD, truncated [ 1001.889311][T25492] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1001.898403][T25507] loop3: detected capacity change from 0 to 264192 [ 1001.934966][T25510] loop5: detected capacity change from 0 to 16949 [ 1001.943907][T25492] loop2: detected capacity change from 0 to 1 [ 1001.972267][T25510] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000064000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1001.983146][ T380] loop2: p1 p2 p3 p4 [ 1001.987231][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1001.993347][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1002.004168][T25507] loop3: detected capacity change from 0 to 264192 [ 1002.014997][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1002.021225][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:02 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000007000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1002.038467][T25492] loop2: p1 p2 p3 p4 [ 1002.042651][T25492] loop2: p1 start 10 is beyond EOD, truncated [ 1002.049009][T25492] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:16:02 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000074000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1002.097303][T25492] loop2: p3 start 225 is beyond EOD, truncated [ 1002.103592][T25492] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1002.128044][T25518] loop5: detected capacity change from 0 to 16949 [ 1002.160886][T25518] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000000002400effffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:03 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000600063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:03 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x40000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:03 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f004608000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:03 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x8000000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:03 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700feffffff0063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000000002effdffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1002.716583][T25532] loop2: detected capacity change from 0 to 1 [ 1002.723319][T25533] loop5: detected capacity change from 0 to 16949 10:16:03 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000009000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024002ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1002.762455][T25538] loop3: detected capacity change from 0 to 264192 [ 1002.810678][T25532] loop2: p1 p2 p3 p4 [ 1002.814868][T25532] loop2: p1 start 10 is beyond EOD, truncated [ 1002.820967][T25532] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1002.839334][T25542] loop5: detected capacity change from 0 to 16949 10:16:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024003ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1002.864591][T25538] loop3: detected capacity change from 0 to 264192 [ 1002.871294][T25532] loop2: p3 start 225 is beyond EOD, truncated [ 1002.877455][T25532] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024004ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:03 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000a000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:03 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024005ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1002.976972][T25532] loop2: detected capacity change from 0 to 1 [ 1003.002448][T25553] loop5: detected capacity change from 0 to 16949 [ 1003.032773][ T380] loop2: p1 p2 p3 p4 [ 1003.036979][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1003.043076][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.056985][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1003.063302][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1003.074760][T25532] loop2: p1 p2 p3 p4 10:16:03 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000680063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:03 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x40000800, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1003.079025][T25532] loop2: p1 start 10 is beyond EOD, truncated [ 1003.085145][T25532] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.092913][T25532] loop2: p3 start 225 is beyond EOD, truncated [ 1003.099080][T25532] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1003.133268][T25558] loop3: detected capacity change from 0 to 264192 [ 1003.182568][T25560] loop3: detected capacity change from 0 to 264192 [ 1003.211811][T25563] loop2: detected capacity change from 0 to 1 [ 1003.250709][ T380] loop2: p1 p2 p3 p4 [ 1003.255073][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1003.261170][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.268718][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1003.274931][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1003.283345][T25563] loop2: p1 p2 p3 p4 [ 1003.287844][T25563] loop2: p1 start 10 is beyond EOD, truncated [ 1003.294085][T25563] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.301639][T25563] loop2: p3 start 225 is beyond EOD, truncated [ 1003.307780][T25563] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1003.315992][ T380] loop2: p1 p2 p3 p4 [ 1003.320050][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1003.326200][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.334022][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1003.340171][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1003.371724][T25563] loop2: detected capacity change from 0 to 1 [ 1003.410661][ T380] loop2: p1 p2 p3 p4 [ 1003.414749][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1003.420883][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.428410][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1003.434572][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1003.443012][T25563] loop2: p1 p2 p3 p4 [ 1003.447114][T25563] loop2: p1 start 10 is beyond EOD, truncated [ 1003.453253][T25563] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.460683][T25563] loop2: p3 start 225 is beyond EOD, truncated [ 1003.466833][T25563] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:04 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x10000000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024008ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:04 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000b000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:04 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x48000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:04 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000200000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:04 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000006c0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1003.511332][ T380] loop2: p1 p2 p3 p4 [ 1003.515367][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1003.521460][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.528990][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1003.535166][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024018ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1003.601054][T25572] loop2: detected capacity change from 0 to 1 [ 1003.602545][T25573] loop5: detected capacity change from 0 to 16949 [ 1003.628152][T25572] loop2: p1 p2 p3 p4 [ 1003.643441][T25572] loop2: p1 start 10 is beyond EOD, truncated 10:16:04 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000c000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024026ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1003.649535][T25572] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.667054][T25578] loop3: detected capacity change from 0 to 264192 [ 1003.718362][T25583] loop5: detected capacity change from 0 to 16949 [ 1003.719415][T25572] loop2: p3 start 225 is beyond EOD, truncated [ 1003.731174][T25572] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:04 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000d000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024073ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1003.795118][T25578] loop3: detected capacity change from 0 to 264192 [ 1003.807626][T25572] loop2: detected capacity change from 0 to 1 10:16:04 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac00000000006300080000000000000002407effffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1003.876204][ T380] loop2: p1 p2 p3 p4 [ 1003.880277][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1003.886379][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.894632][T25592] loop5: detected capacity change from 0 to 16949 [ 1003.932628][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1003.938830][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1003.969188][T25572] loop2: p1 p2 p3 p4 [ 1003.973359][T25572] loop2: p1 start 10 is beyond EOD, truncated [ 1003.979619][T25572] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1003.988237][T25572] loop2: p3 start 225 is beyond EOD, truncated [ 1003.994489][T25572] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:05 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0x40000000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac0000000000630008000000000000000240feffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:05 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4c000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000e000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:05 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000740063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:05 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000300000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1004.488298][T25604] loop2: detected capacity change from 0 to 1 [ 1004.495323][T25602] loop5: detected capacity change from 0 to 16949 10:16:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00000f000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82020000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82030000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1004.530848][T25604] loop2: p1 p2 p3 p4 [ 1004.535199][T25604] loop2: p1 start 10 is beyond EOD, truncated [ 1004.535253][T25600] loop3: detected capacity change from 0 to 264192 [ 1004.541379][T25604] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1004.563678][T25604] loop2: p3 start 225 is beyond EOD, truncated [ 1004.569869][T25604] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82040000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000410000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1004.608767][T25618] loop3: detected capacity change from 0 to 264192 [ 1004.612287][T25604] loop2: detected capacity change from 0 to 1 [ 1004.619810][T25617] loop5: detected capacity change from 0 to 16949 10:16:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82050000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1004.670848][T25604] loop2: p1 p2 p3 p4 [ 1004.674931][T25604] loop2: p1 start 10 is beyond EOD, truncated [ 1004.681038][T25604] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1004.707566][T25604] loop2: p3 start 225 is beyond EOD, truncated [ 1004.713787][T25604] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1004.723008][T25626] loop5: detected capacity change from 0 to 16949 [ 1004.752351][ T380] loop2: p1 p2 p3 p4 [ 1004.756417][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1004.762594][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1004.775777][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1004.781997][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:05 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0xc00e0000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:05 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x68000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:05 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82080000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f002010000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:05 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000007a0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:05 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000400000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1005.383462][T25635] loop2: detected capacity change from 0 to 1 [ 1005.392099][T25637] loop5: detected capacity change from 0 to 16949 [ 1005.410666][T25635] loop2: p1 p2 p3 p4 [ 1005.414799][T25635] loop2: p1 start 10 is beyond EOD, truncated [ 1005.420970][T25635] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:16:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82180000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1005.447130][T25635] loop2: p3 start 225 is beyond EOD, truncated [ 1005.451263][T25644] loop3: detected capacity change from 0 to 264192 [ 1005.453563][T25635] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:06 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000011000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1005.499386][T25644] loop3: detected capacity change from 0 to 264192 10:16:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82260000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:06 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000012000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82730000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:06 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6c000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1005.549024][T25649] loop5: detected capacity change from 0 to 16949 [ 1005.585000][T25635] loop2: detected capacity change from 0 to 1 [ 1005.658245][T25635] loop2: p1 p2 p3 p4 [ 1005.662973][T25635] loop2: p1 start 10 is beyond EOD, truncated [ 1005.669076][T25635] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1005.676277][T25662] loop5: detected capacity change from 0 to 16949 [ 1005.686049][T25663] loop3: detected capacity change from 0 to 264192 [ 1005.710579][T25635] loop2: p3 start 225 is beyond EOD, truncated [ 1005.716798][T25635] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1005.771542][ T380] loop2: p1 p2 p3 p4 [ 1005.775682][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1005.781788][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1005.794753][T25665] loop3: detected capacity change from 0 to 264192 [ 1005.799886][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1005.807426][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:06 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0xc08e0000}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff827e0000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:06 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000013000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:06 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac0000017b0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:06 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x74000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:06 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000500000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:06 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82fe0000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1006.299077][T25670] loop2: detected capacity change from 0 to 1 [ 1006.312730][T25677] loop5: detected capacity change from 0 to 16949 10:16:06 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000018000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82040200e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1006.376379][T25675] loop3: detected capacity change from 0 to 264192 [ 1006.389366][T25670] loop2: p1 p2 p3 p4 [ 1006.393782][T25670] loop2: p1 start 10 is beyond EOD, truncated [ 1006.399862][T25670] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1006.428533][T25670] loop2: p3 start 225 is beyond EOD, truncated [ 1006.434749][T25670] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1006.447896][T25687] loop5: detected capacity change from 0 to 16949 [ 1006.464293][T25688] loop3: detected capacity change from 0 to 264192 10:16:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000300e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:07 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00211a000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1006.541340][T25670] loop2: detected capacity change from 0 to 1 10:16:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82800300e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1006.598128][T25697] loop5: detected capacity change from 0 to 16949 [ 1006.610899][T25670] loop2: p1 p2 p3 p4 [ 1006.615098][T25670] loop2: p1 start 10 is beyond EOD, truncated [ 1006.621217][T25670] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1006.631128][T25670] loop2: p3 start 225 is beyond EOD, truncated [ 1006.637289][T25670] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1006.721908][ T380] loop2: p1 p2 p3 p4 [ 1006.725963][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1006.732090][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1006.740508][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1006.746807][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:07 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47, 0xffffff7f}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:07 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00601b000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82020400e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:07 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7a000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:07 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffff800063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:07 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000600000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82060400e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1007.192754][T25708] loop2: detected capacity change from 0 to 1 [ 1007.196478][T25711] loop5: detected capacity change from 0 to 16949 10:16:07 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000020000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000500e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1007.262322][T25718] loop3: detected capacity change from 0 to 264192 [ 1007.296624][T25708] loop2: detected capacity change from 0 to 1 10:16:07 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82040600e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1007.318836][T25723] loop5: detected capacity change from 0 to 16949 [ 1007.344016][T25725] loop3: detected capacity change from 0 to 264192 10:16:07 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000890063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82001800e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1007.412665][T25732] loop2: detected capacity change from 0 to 1 [ 1007.471081][T25732] loop2: p1 p2 p3 p4 [ 1007.475388][T25732] loop2: p1 start 10 is beyond EOD, truncated [ 1007.481485][T25732] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1007.495120][T25732] loop2: p3 start 225 is beyond EOD, truncated [ 1007.501329][T25732] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1007.543885][T25732] loop2: detected capacity change from 0 to 1 [ 1007.580868][T25732] loop2: p1 p2 p3 p4 [ 1007.585019][T25732] loop2: p1 start 10 is beyond EOD, truncated [ 1007.591107][T25732] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1007.611056][T25732] loop2: p3 start 225 is beyond EOD, truncated [ 1007.617265][T25732] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1007.661584][ T380] loop2: p1 p2 p3 p4 [ 1007.665638][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1007.671707][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1007.679712][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1007.685897][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:08 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:08 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001020000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82002000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:08 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7b010000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:08 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffff8c0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:08 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000800000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82002600e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1008.081496][T25741] loop2: detected capacity change from 0 to 1 [ 1008.088241][T25745] loop5: detected capacity change from 0 to 16949 10:16:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82003f00e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1008.126084][T25739] loop3: detected capacity change from 0 to 264192 [ 1008.162537][T25754] loop3: detected capacity change from 0 to 264192 10:16:08 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001a21000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82004000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:08 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82007300e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1008.192308][T25741] loop2: detected capacity change from 0 to 1 10:16:08 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa1010000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1008.247175][T25761] loop5: detected capacity change from 0 to 16949 [ 1008.306607][T25765] loop3: detected capacity change from 0 to 264192 [ 1008.386254][T25768] loop3: detected capacity change from 0 to 264192 10:16:09 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x2}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:09 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000003900063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82007e00e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:09 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000022000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:09 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfdfdffff, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:09 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000c00000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82038000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1008.959354][T25772] loop5: detected capacity change from 0 to 16949 [ 1008.971887][T25778] loop2: detected capacity change from 0 to 1 10:16:09 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000025000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82fffe00e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1009.011053][T25778] loop2: p1 p2 p3 p4 [ 1009.018737][T25779] loop3: detected capacity change from 0 to 264192 [ 1009.027530][T25778] loop2: p1 start 10 is beyond EOD, truncated [ 1009.033673][T25778] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1009.072389][T25787] loop3: detected capacity change from 0 to 264192 [ 1009.107909][T25792] loop5: detected capacity change from 0 to 16949 [ 1009.115499][T25778] loop2: p3 start 225 is beyond EOD, truncated 10:16:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82feff00e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:09 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfeffffff, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1009.121675][T25778] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:09 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000200e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1009.164733][T25795] loop3: detected capacity change from 0 to 264192 [ 1009.175138][T25778] loop2: detected capacity change from 0 to 1 [ 1009.214304][ T380] loop2: p1 p2 p3 p4 [ 1009.214605][T25802] loop3: detected capacity change from 0 to 264192 [ 1009.218485][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1009.230971][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1009.251666][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1009.257849][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1009.272619][T25778] loop2: p1 p2 p3 p4 [ 1009.276786][T25778] loop2: p1 start 10 is beyond EOD, truncated [ 1009.282905][T25778] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1009.293152][T25778] loop2: p3 start 225 is beyond EOD, truncated [ 1009.299369][T25778] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:10 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x3}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:10 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00422d000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000300e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:10 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xff600000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:10 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00000e930063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:10 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700001000000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000400e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1009.851483][T25809] loop2: detected capacity change from 0 to 1 [ 1009.858209][T25811] loop5: detected capacity change from 0 to 16949 [ 1009.891543][T25813] loop3: detected capacity change from 0 to 264192 10:16:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000500e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1009.905957][T25809] loop2: p1 p2 p3 p4 [ 1009.914054][T25809] loop2: p1 start 10 is beyond EOD, truncated [ 1009.920137][T25809] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1009.932257][T25821] loop3: detected capacity change from 0 to 264192 [ 1009.932814][T25811] EXT4-fs mount: 21 callbacks suppressed [ 1009.932826][T25811] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000800e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82001800e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1009.971019][T25809] loop2: p3 start 225 is beyond EOD, truncated [ 1009.977208][T25809] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:10 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00002e000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:10 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82002600e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1010.028737][T25809] loop2: detected capacity change from 0 to 1 [ 1010.106999][ T380] loop2: p1 p2 p3 p4 [ 1010.111186][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1010.117282][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1010.126804][T25833] loop5: detected capacity change from 0 to 16949 [ 1010.133506][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1010.139708][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1010.150674][T25833] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1010.161329][T25809] loop2: p1 p2 p3 p4 [ 1010.165461][T25809] loop2: p1 start 10 is beyond EOD, truncated [ 1010.171563][T25809] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1010.179290][T25809] loop2: p3 start 225 is beyond EOD, truncated [ 1010.185483][T25809] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1010.255377][ T380] loop2: p1 p2 p3 p4 [ 1010.266423][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1010.272556][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1010.285370][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1010.291628][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:11 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x4}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:11 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfffffdfd, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82007300e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:11 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000032000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:11 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000002940063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:11 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700002600000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82007e00e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1010.729196][T25838] loop5: detected capacity change from 0 to 16949 [ 1010.740898][T25843] loop2: detected capacity change from 0 to 1 [ 1010.771552][T25843] loop2: p1 p2 p3 p4 [ 1010.775876][T25843] loop2: p1 start 10 is beyond EOD, truncated [ 1010.781975][T25843] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1010.792438][T25852] loop3: detected capacity change from 0 to 264192 [ 1010.810883][T25843] loop2: p3 start 225 is beyond EOD, truncated 10:16:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff8200fe00e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1010.811191][T25838] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1010.817081][T25843] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1010.860413][T25856] loop3: detected capacity change from 0 to 264192 10:16:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000402e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:11 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f004235000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1010.894699][T25843] loop2: detected capacity change from 0 to 1 [ 1010.960800][T25843] loop2: p1 p2 p3 p4 [ 1010.964887][T25843] loop2: p1 start 10 is beyond EOD, truncated [ 1010.971009][T25843] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1010.989621][T25863] loop5: detected capacity change from 0 to 16949 [ 1011.001602][T25843] loop2: p3 start 225 is beyond EOD, truncated 10:16:11 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000003e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:11 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00003f000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1011.007793][T25843] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1011.018755][T25863] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1011.168860][ T380] loop2: p1 p2 p3 p4 [ 1011.175081][T25868] loop5: detected capacity change from 0 to 16949 [ 1011.176170][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1011.187782][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1011.200194][T25868] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1011.214362][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1011.220585][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:12 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x7}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:12 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfffffffe, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82008003e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:12 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00000e940063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00023f000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:12 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700007100000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000204e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1011.619315][T25875] loop2: detected capacity change from 0 to 1 [ 1011.631897][T25881] loop5: detected capacity change from 0 to 16949 [ 1011.655873][T25881] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000040000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000604e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1011.690987][T25875] loop2: p1 p2 p3 p4 [ 1011.694993][T25884] loop3: detected capacity change from 0 to 264192 [ 1011.695176][T25875] loop2: p1 start 10 is beyond EOD, truncated [ 1011.707595][T25875] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1011.720974][T25875] loop2: p3 start 225 is beyond EOD, truncated [ 1011.727565][T25875] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1011.758078][T25890] loop5: detected capacity change from 0 to 16949 [ 1011.778851][T25890] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1011.796073][T25875] loop2: detected capacity change from 0 to 1 10:16:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f002d42000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1011.814428][T25894] loop3: detected capacity change from 0 to 264192 [ 1011.831067][T25875] loop2: p1 p2 p3 p4 [ 1011.835234][T25875] loop2: p1 start 10 is beyond EOD, truncated [ 1011.841336][T25875] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1011.856077][T25898] loop5: detected capacity change from 0 to 16949 10:16:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000005e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:12 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000406e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1011.857022][T25875] loop2: p3 start 225 is beyond EOD, truncated [ 1011.868680][T25875] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1011.891434][T25898] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1011.953395][ T380] loop2: p1 p2 p3 p4 [ 1011.959672][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1011.965785][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1011.973510][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1011.979728][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:13 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x8}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:13 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f003542000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:13 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00000e950063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000018e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:13 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:13 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700007e00000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000020e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1012.500986][T25913] loop2: detected capacity change from 0 to 1 [ 1012.501264][T25912] loop5: detected capacity change from 0 to 16949 [ 1012.550631][T25913] loop2: p1 p2 p3 p4 [ 1012.554788][T25913] loop2: p1 start 10 is beyond EOD, truncated [ 1012.560946][T25913] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1012.576243][T25920] loop3: detected capacity change from 0 to 264192 [ 1012.586146][T25912] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000026e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1012.597025][T25913] loop2: p3 start 225 is beyond EOD, truncated [ 1012.603228][T25913] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff8200003fe10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:13 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000846000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1012.674760][T25920] loop3: detected capacity change from 0 to 264192 [ 1012.684620][T25913] loop2: detected capacity change from 0 to 1 10:16:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000040e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1012.740747][T25913] loop2: p1 p2 p3 p4 [ 1012.744866][T25913] loop2: p1 start 10 is beyond EOD, truncated [ 1012.750946][T25913] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1012.768569][T25930] loop5: detected capacity change from 0 to 16949 10:16:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000073e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1012.788186][T25913] loop2: p3 start 225 is beyond EOD, truncated [ 1012.788422][T25930] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1012.794442][T25913] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1012.818730][ T380] loop2: p1 p2 p3 p4 [ 1012.823042][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1012.829211][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1012.869595][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1012.875834][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:13 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x10}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:13 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000048000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:13 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x2000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:13 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff8200007ee10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:13 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00000e960063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:13 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000402000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000380e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:14 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00004c000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1013.386413][T25944] loop2: detected capacity change from 0 to 1 [ 1013.389671][T25946] loop5: detected capacity change from 0 to 16949 [ 1013.412291][T25946] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff8200fffee10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1013.452098][T25944] loop2: p1 p2 p3 p4 [ 1013.459938][T25944] loop2: p1 start 10 is beyond EOD, truncated [ 1013.466071][T25944] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1013.484800][T25951] loop3: detected capacity change from 0 to 264192 [ 1013.518596][T25944] loop2: p3 start 225 is beyond EOD, truncated [ 1013.524847][T25944] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1013.539769][T25959] loop5: detected capacity change from 0 to 16949 10:16:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff8200feffe10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:14 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00024d000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000002e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1013.559025][T25959] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1013.569230][T25951] loop3: detected capacity change from 0 to 264192 [ 1013.590521][T25944] loop2: detected capacity change from 0 to 1 [ 1013.660885][T25944] loop2: p1 p2 p3 p4 [ 1013.664965][T25944] loop2: p1 start 10 is beyond EOD, truncated [ 1013.671064][T25944] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1013.691199][T25967] loop5: detected capacity change from 0 to 16949 [ 1013.701830][T25944] loop2: p3 start 225 is beyond EOD, truncated [ 1013.707997][T25944] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1013.728886][T25967] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1013.765091][ T380] loop2: p1 p2 p3 p4 [ 1013.769247][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1013.775552][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1013.783210][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1013.789403][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:14 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x300}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000003e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:14 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x80000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:14 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000252000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:14 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00000e970063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:14 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000003000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000004e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1014.266619][T25975] loop2: detected capacity change from 0 to 1 [ 1014.281804][T25973] loop5: detected capacity change from 0 to 16949 [ 1014.302579][T25973] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:14 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000005e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1014.313394][T25975] loop2: p1 p2 p3 p4 [ 1014.317524][T25975] loop2: p1 start 10 is beyond EOD, truncated [ 1014.320632][T25979] loop3: detected capacity change from 0 to 264192 [ 1014.323652][T25975] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1014.350899][T25975] loop2: p3 start 225 is beyond EOD, truncated [ 1014.357082][T25975] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:15 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000253000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000008e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1014.427550][T25975] loop2: detected capacity change from 0 to 1 [ 1014.477792][T25991] loop3: detected capacity change from 0 to 264192 [ 1014.498060][T25995] loop5: detected capacity change from 0 to 16949 [ 1014.511511][T25975] loop2: p1 p2 p3 p4 [ 1014.515672][T25975] loop2: p1 start 10 is beyond EOD, truncated 10:16:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000018e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:15 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x700}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) [ 1014.521886][T25975] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1014.536706][T25995] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1014.543497][T25975] loop2: p3 start 225 is beyond EOD, truncated [ 1014.553468][T25975] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:15 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00000e980063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000026e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1014.598845][ T380] loop2: p1 p2 p3 p4 [ 1014.603009][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1014.609092][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:16:15 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x60ffffffffff, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:15 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000060000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000073e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1014.670917][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1014.677110][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1014.738925][T26006] loop3: detected capacity change from 0 to 264192 [ 1014.749455][T26014] loop5: detected capacity change from 0 to 16949 [ 1014.768067][T26014] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1014.790625][T26011] loop2: detected capacity change from 0 to 1 [ 1014.891060][T26011] loop2: p1 p2 p3 p4 [ 1014.896931][T26018] loop3: detected capacity change from 0 to 264192 [ 1014.898968][T26011] loop2: p1 start 10 is beyond EOD, truncated [ 1014.909533][T26011] loop2: p2 size 1073872896 extends beyond EOD, truncated 10:16:15 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000204000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff8200007ee10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:15 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f001b60000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1014.940858][T26011] loop2: p3 start 225 is beyond EOD, truncated [ 1014.947067][T26011] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1014.964784][T26022] loop5: detected capacity change from 0 to 16949 10:16:15 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff820000fee10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:15 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7fc7f456a000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:15 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000161000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1014.996956][T26022] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1015.011990][T26011] loop2: detected capacity change from 0 to 1 [ 1015.081410][T26011] loop2: p1 p2 p3 p4 [ 1015.085494][T26011] loop2: p1 start 10 is beyond EOD, truncated [ 1015.088262][T26029] loop3: detected capacity change from 0 to 264192 [ 1015.091643][T26011] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1015.113803][T26032] loop5: detected capacity change from 0 to 16949 [ 1015.133418][T26011] loop2: p3 start 225 is beyond EOD, truncated [ 1015.139604][T26011] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1015.155154][T26032] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1015.174855][T26035] loop3: detected capacity change from 0 to 264192 [ 1015.233631][ T380] loop2: p1 p2 p3 p4 [ 1015.237807][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1015.244015][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1015.265843][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1015.272057][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:16 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0xec0}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10200008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:16 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000068000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:16 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000001a10063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:16 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7fc7f476a000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10300008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1015.464178][T26043] loop2: detected capacity change from 0 to 1 [ 1015.472802][T26044] loop5: detected capacity change from 0 to 16949 [ 1015.499443][T26044] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:16 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000604000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1015.520927][T26043] loop2: p1 p2 p3 p4 [ 1015.525106][T26043] loop2: p1 start 10 is beyond EOD, truncated [ 1015.531293][T26043] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1015.538630][T26052] loop3: detected capacity change from 0 to 264192 10:16:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10400008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:16 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00016a000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10500008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1015.583469][T26043] loop2: p3 start 225 is beyond EOD, truncated [ 1015.589702][T26043] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10800008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1015.669663][T26063] loop5: detected capacity change from 0 to 16949 [ 1015.677424][T26043] loop2: detected capacity change from 0 to 1 10:16:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e11800008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1015.710897][ T380] loop2: p1 p2 p3 p4 [ 1015.717180][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1015.723284][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1015.724098][T26063] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1015.739914][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1015.747183][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1015.762993][T26052] loop3: detected capacity change from 0 to 264192 [ 1015.795917][T26043] loop2: p1 p2 p3 p4 [ 1015.800111][T26043] loop2: p1 start 10 is beyond EOD, truncated [ 1015.806229][T26043] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1015.813793][T26043] loop2: p3 start 225 is beyond EOD, truncated [ 1015.819962][T26043] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1015.841775][ T380] loop2: p1 p2 p3 p4 [ 1015.845807][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1015.851907][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1015.862258][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1015.868434][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:16 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x2000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:16 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00026a000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e12600008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:16 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:16 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffffa10063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:16 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000005000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:16 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e17300008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1016.345640][T26074] loop2: detected capacity change from 0 to 1 [ 1016.348678][T26077] loop5: detected capacity change from 0 to 16949 [ 1016.379069][T26079] loop3: detected capacity change from 0 to 264192 [ 1016.398295][T26077] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00016b000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e17e00008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1016.452118][T26074] loop2: detected capacity change from 0 to 1 [ 1016.473711][T26088] loop3: detected capacity change from 0 to 264192 10:16:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1fe00008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:17 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffffc90063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1016.538366][T26093] loop5: detected capacity change from 0 to 16949 [ 1016.575221][T26093] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00026b000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1016.593899][T26098] loop2: detected capacity change from 0 to 1 [ 1016.660593][T26101] loop5: detected capacity change from 0 to 16949 [ 1016.681779][T26101] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1016.703783][T26098] loop2: detected capacity change from 0 to 1 10:16:17 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x4000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10402008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:17 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x20002000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00006c000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:17 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000011d20063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:17 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000006000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1017.230020][T26112] loop2: detected capacity change from 0 to 1 [ 1017.238314][T26113] loop5: detected capacity change from 0 to 16949 [ 1017.249316][T26113] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10003008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00026c000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1017.274278][T26115] loop3: detected capacity change from 0 to 264192 [ 1017.280982][T26112] loop2: p1 p2 p3 p4 [ 1017.285262][T26112] loop2: p1 start 10 is beyond EOD, truncated [ 1017.291356][T26112] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1017.301542][T26112] loop2: p3 start 225 is beyond EOD, truncated [ 1017.307714][T26112] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:17 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e18003008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00026d000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10204008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1017.350504][T26122] loop5: detected capacity change from 0 to 16949 [ 1017.372694][T26122] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10604008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1017.453215][T26112] loop2: detected capacity change from 0 to 1 [ 1017.468424][T26131] loop5: detected capacity change from 0 to 16949 [ 1017.477719][T26133] loop3: detected capacity change from 0 to 264192 [ 1017.501042][ T380] loop2: p1 p2 p3 p4 [ 1017.505907][T26131] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1017.516705][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1017.522905][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1017.544220][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1017.550422][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1017.594071][T26112] loop2: p1 p2 p3 p4 [ 1017.598225][T26112] loop2: p1 start 10 is beyond EOD, truncated [ 1017.604373][T26112] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1017.629647][T26112] loop2: p3 start 225 is beyond EOD, truncated [ 1017.635953][T26112] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1017.687874][ T380] loop2: p1 p2 p3 p4 [ 1017.696140][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1017.702348][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1017.712869][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1017.719045][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:18 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x8ec0}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10005008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000074000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:18 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x40000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:18 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffffe40063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:18 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000406000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10406008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1018.100351][T26141] loop5: detected capacity change from 0 to 16949 [ 1018.108536][T26144] loop2: detected capacity change from 0 to 1 [ 1018.136992][T26141] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00007a000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10018008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1018.190295][T26154] loop3: detected capacity change from 0 to 264192 [ 1018.198795][T26144] loop2: detected capacity change from 0 to 1 [ 1018.220859][T26158] loop5: detected capacity change from 0 to 16949 10:16:18 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000000ec0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1018.278282][T26158] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1018.316682][T26165] loop2: detected capacity change from 0 to 1 10:16:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000192000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:18 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10020008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1018.332426][T26166] loop3: detected capacity change from 0 to 264192 [ 1018.397958][T26165] loop2: p1 p2 p3 p4 [ 1018.398843][T26171] loop5: detected capacity change from 0 to 16949 [ 1018.402358][T26165] loop2: p1 start 10 is beyond EOD, truncated [ 1018.414507][T26165] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1018.423994][T26165] loop2: p3 start 225 is beyond EOD, truncated [ 1018.430187][T26165] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1018.440869][T26171] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1018.507146][T26165] loop2: detected capacity change from 0 to 1 [ 1018.550849][ T380] loop2: p1 p2 p3 p4 [ 1018.554986][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1018.561076][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1018.569002][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1018.575182][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1018.584109][T26165] loop2: p1 p2 p3 p4 [ 1018.588205][T26165] loop2: p1 start 10 is beyond EOD, truncated [ 1018.594300][T26165] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1018.602038][T26165] loop2: p3 start 225 is beyond EOD, truncated [ 1018.608221][T26165] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1018.661054][ T380] loop2: p1 p2 p3 p4 [ 1018.665184][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1018.671350][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1018.679027][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1018.685217][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:19 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa056f4c77f0000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10026008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:19 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000193000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:19 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0xc00e}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:19 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acfffffff60063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:19 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000000c000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1003f008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1018.985693][T26178] loop2: detected capacity change from 0 to 1 [ 1018.991249][T26182] loop5: detected capacity change from 0 to 16949 [ 1019.020402][T26182] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:19 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000194000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10040008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1019.050298][T26188] loop3: detected capacity change from 0 to 264192 10:16:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10073008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1019.118288][T26178] loop2: detected capacity change from 0 to 1 [ 1019.136039][T26194] loop5: detected capacity change from 0 to 16949 [ 1019.143233][T26196] loop3: detected capacity change from 0 to 264192 10:16:19 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000001f80063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1007e008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1019.203784][T26194] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:19 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa076f4c77f0000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:19 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000294000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1019.270546][T26206] loop2: detected capacity change from 0 to 1 [ 1019.320905][T26206] loop2: p1 p2 p3 p4 [ 1019.329489][T26206] loop2: p1 start 10 is beyond EOD, truncated [ 1019.335602][T26206] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1019.344086][T26208] loop5: detected capacity change from 0 to 16949 [ 1019.368857][T26208] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1019.387382][T26206] loop2: p3 start 225 is beyond EOD, truncated [ 1019.393602][T26206] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1019.404464][T26210] loop3: detected capacity change from 0 to 264192 [ 1019.482516][T26206] loop2: detected capacity change from 0 to 1 [ 1019.534046][T26213] loop3: detected capacity change from 0 to 264192 [ 1019.540739][T26206] loop2: p1 p2 p3 p4 [ 1019.544810][T26206] loop2: p1 start 10 is beyond EOD, truncated [ 1019.550958][T26206] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1019.562651][T26206] loop2: p3 start 225 is beyond EOD, truncated [ 1019.568826][T26206] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1019.651787][ T380] loop2: p1 p2 p3 p4 [ 1019.655827][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1019.661954][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1019.673066][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1019.679255][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:20 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0xc08e}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10380008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000195000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:20 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xd0ff2000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:20 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acfffffffb0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:20 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000810000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1fffe008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1019.891071][T26224] loop2: detected capacity change from 0 to 1 [ 1019.901982][T26219] loop3: detected capacity change from 0 to 264192 [ 1019.920961][T26227] loop5: detected capacity change from 0 to 16949 10:16:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1feff008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1019.970161][T26227] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1020.011588][T26224] loop2: detected capacity change from 0 to 1 10:16:20 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acfffffdfd0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1020.075509][T26235] loop3: detected capacity change from 0 to 264192 10:16:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10002008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000295000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:20 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10003008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1020.202411][T26242] loop2: detected capacity change from 0 to 1 [ 1020.221188][T26244] loop5: detected capacity change from 0 to 16949 [ 1020.291487][T26244] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1020.312322][T26242] loop2: detected capacity change from 0 to 1 10:16:21 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x40000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10004008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:21 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xf0ff1f00000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:21 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00029e000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:21 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acfffffffe0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:21 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000020000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1020.759334][T26251] loop5: detected capacity change from 0 to 16949 [ 1020.780909][T26257] loop2: detected capacity change from 0 to 1 [ 1020.794230][T26248] loop3: detected capacity change from 0 to 264192 10:16:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10005008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10008008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1020.801542][T26251] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:21 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0001ac000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10018008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1020.841611][T26257] loop2: detected capacity change from 0 to 1 10:16:21 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00000fff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:21 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10026008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1020.892557][T26267] loop3: detected capacity change from 0 to 264192 [ 1020.914987][T26271] loop5: detected capacity change from 0 to 16949 [ 1020.963475][T26271] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1020.986124][T26275] loop2: detected capacity change from 0 to 1 [ 1021.031691][ T380] loop2: p1 p2 p3 p4 [ 1021.035750][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1021.041836][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1021.049385][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1021.055643][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1021.071432][T26275] loop2: p1 p2 p3 p4 [ 1021.075466][T26275] loop2: p1 start 10 is beyond EOD, truncated [ 1021.081577][T26275] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1021.090922][T26275] loop2: p3 start 225 is beyond EOD, truncated [ 1021.097213][T26275] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1021.142958][T26275] loop2: detected capacity change from 0 to 1 [ 1021.180932][T26275] loop2: p1 p2 p3 p4 [ 1021.185202][T26275] loop2: p1 start 10 is beyond EOD, truncated [ 1021.191323][T26275] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1021.214271][T26275] loop2: p3 start 225 is beyond EOD, truncated [ 1021.220486][T26275] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 1021.263776][ T380] loop2: p1 p2 p3 p4 [ 1021.273263][ T380] loop2: p1 start 10 is beyond EOD, truncated [ 1021.279355][ T380] loop2: p2 size 1073872896 extends beyond EOD, truncated [ 1021.295004][ T380] loop2: p3 start 225 is beyond EOD, truncated [ 1021.301235][ T380] loop2: p4 size 3657465856 extends beyond EOD, truncated 10:16:22 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x200000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:22 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0001ad000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:22 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x100000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10073008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:22 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffffefff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:22 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000026000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1007e008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1021.645289][T26285] loop5: detected capacity change from 0 to 16949 [ 1021.651517][T26287] loop2: detected capacity change from 0 to 1 10:16:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100fe008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10004028877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000038877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1021.686339][T26285] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1021.714276][T26297] loop3: detected capacity change from 0 to 264192 10:16:22 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10080038877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:22 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0001b2000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1021.762459][T26287] loop2: detected capacity change from 0 to 1 [ 1021.798849][T26306] loop3: detected capacity change from 0 to 264192 [ 1021.828815][T26309] loop5: detected capacity change from 0 to 16949 [ 1021.865152][T26309] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:23 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x1000000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10002048877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:23 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00e0ffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:23 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0001c0000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:23 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x200000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:23 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000003f000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10006048877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1022.540719][T26316] loop2: detected capacity change from 0 to 1 [ 1022.550111][T26319] loop5: detected capacity change from 0 to 16949 10:16:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000058877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:23 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0003ce000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1022.591520][T26326] loop3: detected capacity change from 0 to 264192 [ 1022.608094][T26319] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1022.626438][T26316] loop2: detected capacity change from 0 to 1 10:16:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10004068877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:23 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acffefffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000188877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1022.687985][T26336] loop3: detected capacity change from 0 to 264192 [ 1022.719791][T26339] loop5: detected capacity change from 0 to 16949 [ 1022.767101][T26345] loop2: detected capacity change from 0 to 1 [ 1022.781162][T26339] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:23 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x2000000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:23 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000208877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:23 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x204000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:23 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00c0ed000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:23 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acfdfdffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:23 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000040000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1023.408749][T26353] loop2: detected capacity change from 0 to 1 [ 1023.415658][T26348] loop5: detected capacity change from 0 to 16949 10:16:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000268877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100003f8877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1023.452123][T26356] loop3: detected capacity change from 0 to 264192 [ 1023.460300][T26348] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000408877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:24 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0001f8000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000738877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1023.513770][T26365] loop3: detected capacity change from 0 to 264192 [ 1023.542407][T26353] loop2: detected capacity change from 0 to 1 10:16:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100007e8877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1023.620658][T26374] loop5: detected capacity change from 0 to 16949 [ 1023.654080][T26374] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 10:16:24 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x3000000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:24 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac7fffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:24 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x300000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10003808877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:24 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00fffe000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:24 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000071000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:24 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100fffe8877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1024.303373][T26390] loop2: detected capacity change from 0 to 1 [ 1024.303597][T26387] loop5: detected capacity change from 0 to 16949 [ 1024.342861][T26389] loop3: detected capacity change from 0 to 264192 10:16:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100feff8877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:25 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000fff000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1024.391610][T26387] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1024.404300][T26390] loop2: detected capacity change from 0 to 1 [ 1024.412995][T26399] loop3: detected capacity change from 0 to 264192 10:16:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000028877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:25 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac80ffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000038877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1024.525462][T26407] loop5: detected capacity change from 0 to 16949 [ 1024.552719][T26407] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1024.586566][T26410] loop2: detected capacity change from 0 to 1 [ 1024.682205][T26410] loop2: detected capacity change from 0 to 1 10:16:25 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x4000000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:25 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00feff000000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:25 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x400000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000048877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:25 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac8cffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:25 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000007e000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000058877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1025.185107][T26417] loop2: detected capacity change from 0 to 1 [ 1025.202079][T26423] loop5: detected capacity change from 0 to 16949 [ 1025.247368][T26423] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1025.275470][T26430] loop3: detected capacity change from 0 to 264192 10:16:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000088877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:25 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00ffff030000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:25 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000188877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1025.301430][T26417] loop2: detected capacity change from 0 to 1 10:16:25 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45aca1ffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1025.360292][T26430] loop3: detected capacity change from 0 to 264192 [ 1025.378030][T26436] loop5: detected capacity change from 0 to 16949 10:16:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000268877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1025.406513][T26436] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 1025.416684][T26436] EXT4-fs (loop5): group descriptors corrupted! [ 1025.456230][T26440] loop2: detected capacity change from 0 to 1 [ 1025.572573][T26440] loop2: detected capacity change from 0 to 1 10:16:26 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x7000000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:26 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x500000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000738877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:26 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000040000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:26 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acc9ffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:26 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000880000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100007e8877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1026.075298][T26449] loop2: detected capacity change from 0 to 1 [ 1026.083298][T26452] loop5: detected capacity change from 0 to 16949 [ 1026.096500][T26452] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 1026.106605][T26452] EXT4-fs (loop5): group descriptors corrupted! 10:16:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000fe8877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:26 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000080000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1000000881b007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1026.143050][T26459] loop3: detected capacity change from 0 to 264192 [ 1026.182586][T26449] loop2: detected capacity change from 0 to 1 10:16:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877027200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1026.206195][T26464] loop5: detected capacity change from 0 to 16949 [ 1026.220841][T26459] loop3: detected capacity change from 0 to 264192 [ 1026.234985][T26464] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 1026.245110][T26464] EXT4-fs (loop5): group descriptors corrupted! 10:16:26 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877037200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:27 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x8000000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:27 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x600000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:27 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000000c0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:27 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ace4ffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877047200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:27 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000fdef000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877057200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1026.973947][T26477] loop2: detected capacity change from 0 to 1 [ 1026.978024][T26479] loop5: detected capacity change from 0 to 16949 [ 1027.004018][T26479] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 1027.014155][T26479] EXT4-fs (loop5): group descriptors corrupted! 10:16:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877087200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877187200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1027.045815][T26489] loop3: detected capacity change from 0 to 264192 [ 1027.082724][T26477] loop2: detected capacity change from 0 to 1 10:16:27 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00ffff1f0000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877267200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1027.111070][T26489] loop3: detected capacity change from 0 to 264192 [ 1027.135339][T26497] loop5: detected capacity change from 0 to 16949 10:16:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877737200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1027.179194][T26497] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 1027.189325][T26497] EXT4-fs (loop5): group descriptors corrupted! 10:16:28 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x10000000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:28 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acf6ffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:28 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x604000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100000088777e7200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:28 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f00ffffe00000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:28 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff070000effd000063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877fe7200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1027.875693][T26512] loop5: detected capacity change from 0 to 16949 [ 1027.884480][T26513] loop2: detected capacity change from 0 to 1 [ 1027.894050][T26512] EXT4-fs (loop5): bad geometry: first data block 224 is beyond end of filesystem (64) 10:16:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007202300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:28 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000100000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007203300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1027.944581][T26519] loop3: detected capacity change from 0 to 264192 [ 1027.961598][T26513] loop2: detected capacity change from 0 to 1 10:16:28 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007204300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:28 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acfbffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1028.003355][T26526] loop5: detected capacity change from 0 to 16949 [ 1028.014423][T26519] loop3: detected capacity change from 0 to 264192 [ 1028.029091][T26526] EXT4-fs (loop5): bad geometry: first data block 256 is beyond end of filesystem (64) [ 1028.085077][T26531] loop2: detected capacity change from 0 to 1 [ 1028.231947][T26531] loop2: detected capacity change from 0 to 1 10:16:29 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0x40000000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:29 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000200000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007205300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:29 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x700000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:29 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45acfeffffff0063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:29 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000200063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1028.745337][T26538] loop2: detected capacity change from 0 to 1 [ 1028.753484][T26543] loop5: detected capacity change from 0 to 16949 [ 1028.783452][T26541] loop3: detected capacity change from 0 to 264192 10:16:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007208300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007218300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007226300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1028.791970][T26543] EXT4-fs (loop5): bad geometry: first data block 512 is beyond end of filesystem (64) [ 1028.820246][T26548] loop3: detected capacity change from 0 to 264192 10:16:29 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x800000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:29 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000040200000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1028.871920][T26538] loop2: detected capacity change from 0 to 1 10:16:29 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007273300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1028.914215][T26556] loop5: detected capacity change from 0 to 16949 [ 1028.935039][T26559] loop3: detected capacity change from 0 to 264192 [ 1028.948974][T26556] EXT4-fs (loop5): bad geometry: first data block 516 is beyond end of filesystem (64) [ 1029.057057][T26563] loop3: detected capacity change from 0 to 264192 10:16:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1000000887700727e300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:30 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:30 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000300000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:30 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x900000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:30 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0xc00e0000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:30 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700007ffff00063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100000088770072fe300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1029.633892][T26566] loop2: detected capacity change from 0 to 1 [ 1029.643756][T26576] loop5: detected capacity change from 0 to 16949 [ 1029.656505][T26576] EXT4-fs (loop5): bad geometry: first data block 768 is beyond end of filesystem (64) [ 1029.669407][T26568] loop3: detected capacity change from 0 to 264192 10:16:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300500a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:30 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000400000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300800a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1029.729289][T26566] loop2: detected capacity change from 0 to 1 [ 1029.763030][T26585] loop5: detected capacity change from 0 to 16949 10:16:30 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000300000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300f00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301000a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1029.784896][T26588] loop3: detected capacity change from 0 to 264192 [ 1029.807290][T26585] EXT4-fs (loop5): bad geometry: first data block 1024 is beyond end of filesystem (64) 10:16:30 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301100a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:30 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:30 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000500000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1029.881221][T26595] loop2: detected capacity change from 0 to 1 [ 1029.929615][T26602] loop5: detected capacity change from 0 to 16949 [ 1029.939367][T26598] loop3: detected capacity change from 0 to 264192 [ 1029.948593][T26602] EXT4-fs (loop5): bad geometry: first data block 1280 is beyond end of filesystem (64) [ 1029.992060][T26595] loop2: detected capacity change from 0 to 1 [ 1030.002542][T26603] loop3: detected capacity change from 0 to 264192 10:16:31 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0xc08e0000}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301200a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:31 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000600000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:31 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xb00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:31 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:31 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000000163000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301500a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1030.501046][T26607] loop5: detected capacity change from 0 to 16949 [ 1030.510717][T26611] loop2: detected capacity change from 0 to 1 [ 1030.521677][T26607] EXT4-fs (loop5): bad geometry: first data block 1536 is beyond end of filesystem (64) 10:16:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301600a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:31 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000040600000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1030.569500][T26616] loop3: detected capacity change from 0 to 264192 [ 1030.591143][T26611] loop2: detected capacity change from 0 to 1 10:16:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1030.618236][T26622] loop3: detected capacity change from 0 to 264192 [ 1030.618945][T26623] loop5: detected capacity change from 0 to 16949 10:16:31 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000500000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:31 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xc00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1030.667981][T26623] EXT4-fs (loop5): bad geometry: first data block 1540 is beyond end of filesystem (64) [ 1030.731166][T26631] loop2: detected capacity change from 0 to 1 [ 1030.802184][T26631] loop2: detected capacity change from 0 to 1 [ 1030.828809][T26633] loop3: detected capacity change from 0 to 264192 [ 1030.936130][T26635] loop3: detected capacity change from 0 to 264192 10:16:31 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000700000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:31 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301800a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:31 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:31 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}, 0xffffff7f}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:31 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xd00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:31 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000000263000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301900a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1031.389185][T26643] loop2: detected capacity change from 0 to 1 [ 1031.396713][T26639] loop5: detected capacity change from 0 to 16949 [ 1031.416713][T26639] EXT4-fs (loop5): bad geometry: first data block 1792 is beyond end of filesystem (64) [ 1031.417756][T26640] loop3: detected capacity change from 0 to 264192 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200301b00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000800000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302100a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:32 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000700000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1031.511723][T26643] loop2: detected capacity change from 0 to 1 [ 1031.531556][T26656] loop3: detected capacity change from 0 to 264192 [ 1031.534988][T26658] loop5: detected capacity change from 0 to 16949 [ 1031.546633][T26658] EXT4-fs (loop5): bad geometry: first data block 2048 is beyond end of filesystem (64) 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302200a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302300a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:32 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xe00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1031.588948][T26662] loop2: detected capacity change from 0 to 1 [ 1031.662707][T26662] loop2: detected capacity change from 0 to 1 [ 1031.683745][T26667] loop3: detected capacity change from 0 to 264192 [ 1031.722517][T26670] loop3: detected capacity change from 0 to 264192 10:16:32 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000900000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302400a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:32 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:32 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1000000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:32 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000040263000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302500a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1032.268800][T26675] loop2: detected capacity change from 0 to 1 [ 1032.286818][T26681] loop5: detected capacity change from 0 to 16949 [ 1032.303413][T26680] loop3: detected capacity change from 0 to 264192 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302600a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1032.323863][T26681] EXT4-fs (loop5): bad geometry: first data block 2304 is beyond end of filesystem (64) 10:16:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1032.373360][T26675] loop2: detected capacity change from 0 to 1 10:16:33 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000a00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:33 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000900000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302800a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1032.432604][T26694] loop3: detected capacity change from 0 to 264192 [ 1032.449943][T26696] loop5: detected capacity change from 0 to 16949 [ 1032.477813][T26696] EXT4-fs (loop5): bad geometry: first data block 2560 is beyond end of filesystem (64) [ 1032.493519][T26698] loop2: detected capacity change from 0 to 1 [ 1032.598679][T26698] loop2: detected capacity change from 0 to 1 10:16:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302900a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:33 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1100000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:33 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000b00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:33 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x2, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:33 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000000363000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:33 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000a00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1033.154813][T26710] loop2: detected capacity change from 0 to 1 [ 1033.155315][T26711] loop5: detected capacity change from 0 to 16949 [ 1033.189248][T26711] EXT4-fs (loop5): bad geometry: first data block 2816 is beyond end of filesystem (64) 10:16:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302b00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1033.194346][T26705] loop3: detected capacity change from 0 to 264192 10:16:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302c00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:33 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000c00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1033.259001][T26710] loop2: detected capacity change from 0 to 1 [ 1033.265507][T26718] loop3: detected capacity change from 0 to 264192 10:16:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302d00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:33 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000b00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1033.304739][T26722] loop5: detected capacity change from 0 to 16949 [ 1033.332212][T26722] EXT4-fs (loop5): bad geometry: first data block 3072 is beyond end of filesystem (64) 10:16:33 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302e00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200302f00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1033.390949][T26728] loop2: detected capacity change from 0 to 1 10:16:34 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x1200000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1033.509039][T26734] loop3: detected capacity change from 0 to 264192 [ 1033.521476][T26728] loop2: detected capacity change from 0 to 1 [ 1033.552630][T26736] loop3: detected capacity change from 0 to 264192 10:16:34 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x3, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:34 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000d00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200303000a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:34 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000c00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:34 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x2000000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:34 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000000463000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200303300a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1034.057328][T26745] loop2: detected capacity change from 0 to 1 [ 1034.058219][T26747] loop5: detected capacity change from 0 to 16949 [ 1034.083972][T26747] EXT4-fs (loop5): bad geometry: first data block 3328 is beyond end of filesystem (64) 10:16:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200303800a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:34 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000e00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1034.124254][T26753] loop3: detected capacity change from 0 to 264192 [ 1034.162602][T26745] loop2: detected capacity change from 0 to 1 10:16:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200303c00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:34 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000d00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:34 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200303d00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1034.185555][T26757] loop3: detected capacity change from 0 to 264192 [ 1034.193543][T26760] loop5: detected capacity change from 0 to 16949 [ 1034.208923][T26760] EXT4-fs (loop5): bad geometry: first data block 3584 is beyond end of filesystem (64) [ 1034.310681][T26768] loop2: detected capacity change from 0 to 1 [ 1034.413052][T26768] loop2: detected capacity change from 0 to 1 10:16:35 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x4, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200303e00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:35 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000f00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:35 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x3f00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:35 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:35 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000000563000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304100a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1034.956147][T26777] loop5: detected capacity change from 0 to 16949 [ 1034.960733][T26779] loop2: detected capacity change from 0 to 1 [ 1034.972102][T26777] EXT4-fs (loop5): bad geometry: first data block 3840 is beyond end of filesystem (64) 10:16:35 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000001000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304200a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1035.041983][T26776] loop3: detected capacity change from 0 to 264192 [ 1035.042363][T26779] loop2: detected capacity change from 0 to 1 [ 1035.074776][T26788] loop5: detected capacity change from 0 to 16949 10:16:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304300a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:35 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac000f00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1035.095045][T26791] loop3: detected capacity change from 0 to 264192 [ 1035.102920][T26788] EXT4-fs (loop5): bad geometry: first data block 4096 is beyond end of filesystem (64) 10:16:35 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304400a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1035.219216][T26795] loop2: detected capacity change from 0 to 1 10:16:36 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x7, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000041000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:36 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4000000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304500a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:36 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac001000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:36 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000000663000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304600a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1035.828847][T26804] loop5: detected capacity change from 0 to 16949 [ 1035.841425][T26809] loop2: detected capacity change from 0 to 1 [ 1035.857781][T26804] EXT4-fs (loop5): bad geometry: first data block 4100 is beyond end of filesystem (64) 10:16:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1035.884695][T26812] loop3: detected capacity change from 0 to 264192 10:16:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000001100000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304800a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1035.952319][T26809] loop2: detected capacity change from 0 to 1 [ 1035.971543][T26820] loop5: detected capacity change from 0 to 16949 [ 1035.982724][T26812] loop3: detected capacity change from 0 to 264192 [ 1035.990074][T26820] EXT4-fs (loop5): bad geometry: first data block 4352 is beyond end of filesystem (64) 10:16:36 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304900a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:36 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac001100000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1036.044308][T26808] ================================================================== [ 1036.052422][T26808] BUG: KCSAN: data-race in io_clean_op / io_wq_free_work [ 1036.059450][T26808] [ 1036.061773][T26808] write to 0xffff888130ee2f58 of 4 bytes by task 26806 on cpu 1: [ 1036.069517][T26808] io_clean_op+0x3aa/0x3e0 [ 1036.073931][T26808] io_req_task_complete+0xb2/0x1e0 [ 1036.079056][T26808] tctx_task_work+0x275/0x4d0 [ 1036.083740][T26808] task_work_run+0xae/0x130 [ 1036.088243][T26808] exit_to_user_mode_prepare+0xf8/0x190 [ 1036.093790][T26808] syscall_exit_to_user_mode+0x20/0x40 [ 1036.099248][T26808] do_syscall_64+0x50/0xa0 [ 1036.103664][T26808] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1036.109562][T26808] [ 1036.111872][T26808] read to 0xffff888130ee2f58 of 4 bytes by task 26808 on cpu 0: [ 1036.119513][T26808] io_wq_free_work+0x1e/0xd0 [ 1036.124135][T26808] io_worker_handle_work+0x7e2/0xa20 [ 1036.129423][T26808] io_wqe_worker+0x1b9/0x540 [ 1036.134010][T26808] ret_from_fork+0x1f/0x30 [ 1036.138421][T26808] [ 1036.140733][T26808] value changed: 0x008c0102 -> 0x00890102 [ 1036.146439][T26808] [ 1036.148748][T26808] Reported by Kernel Concurrency Sanitizer on: [ 1036.154881][T26808] CPU: 0 PID: 26808 Comm: iou-wrk-26806 Not tainted 5.15.0-rc6-syzkaller #0 [ 1036.163575][T26808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1036.173626][T26808] ================================================================== [ 1036.228347][T26827] loop2: detected capacity change from 0 to 1 10:16:37 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x8, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:37 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000001200000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304a00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:37 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4000080000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:37 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac001200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:37 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000040663000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304b00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304c00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1036.725239][T26834] loop2: detected capacity change from 0 to 1 [ 1036.739941][T26838] loop5: detected capacity change from 0 to 16949 [ 1036.749081][T26838] EXT4-fs (loop5): bad geometry: first data block 4608 is beyond end of filesystem (64) [ 1036.758145][T26830] loop3: detected capacity change from 0 to 264192 10:16:37 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000001300000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304d00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:37 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac001c00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1036.822036][T26834] loop2: detected capacity change from 0 to 1 [ 1036.851070][T26848] loop5: detected capacity change from 0 to 16949 [ 1036.862086][T26848] EXT4-fs (loop5): bad geometry: first data block 4864 is beyond end of filesystem (64) 10:16:37 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304e00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1036.894900][T26852] loop3: detected capacity change from 0 to 264192 [ 1036.901729][T26854] loop2: detected capacity change from 0 to 1 [ 1037.011280][T26854] loop2: detected capacity change from 0 to 1 10:16:38 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x10, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:38 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000001800000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200304f00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:38 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4800000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:38 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000000863000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:38 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002200000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305000a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1037.617325][T26866] loop2: detected capacity change from 0 to 1 [ 1037.622181][T26869] loop5: detected capacity change from 0 to 16949 [ 1037.650788][T26869] EXT4-fs (loop5): bad geometry: first data block 6144 is beyond end of filesystem (64) 10:16:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305100a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1037.662390][T26862] loop3: detected capacity change from 0 to 264192 10:16:38 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000211a00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1037.712536][T26866] loop2: detected capacity change from 0 to 1 [ 1037.715775][T26875] loop3: detected capacity change from 0 to 264192 [ 1037.732536][T26878] loop5: detected capacity change from 0 to 16949 10:16:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305200a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:38 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002500000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:38 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305300a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1037.758372][T26878] EXT4-fs (loop5): bad geometry: first data block 6689 is beyond end of filesystem (64) [ 1037.886748][T26887] loop2: detected capacity change from 0 to 1 [ 1038.001449][T26887] loop2: detected capacity change from 0 to 1 10:16:39 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x4c00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000002000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305400a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:39 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002600000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:39 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x300, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:39 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000100863000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305500a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1038.514352][T26895] loop2: detected capacity change from 0 to 1 [ 1038.520799][T26892] loop5: detected capacity change from 0 to 16949 [ 1038.541544][T26892] EXT4-fs (loop5): bad geometry: first data block 8192 is beyond end of filesystem (64) 10:16:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000102000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305600a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1038.575803][T26904] loop3: detected capacity change from 0 to 264192 [ 1038.602503][T26895] loop2: detected capacity change from 0 to 1 10:16:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:39 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac002e00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1038.627083][T26907] loop5: detected capacity change from 0 to 16949 [ 1038.643717][T26907] EXT4-fs (loop5): bad geometry: first data block 8208 is beyond end of filesystem (64) 10:16:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305800a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1038.676984][T26911] loop3: detected capacity change from 0 to 264192 10:16:39 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6800000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305c00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000002200000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1038.729844][T26918] loop2: detected capacity change from 0 to 1 10:16:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200305d00a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1038.781202][T26925] loop5: detected capacity change from 0 to 16949 [ 1038.786702][T26922] loop3: detected capacity change from 0 to 264192 [ 1038.798728][T26925] EXT4-fs (loop5): bad geometry: first data block 8704 is beyond end of filesystem (64) [ 1038.821842][T26918] loop2: detected capacity change from 0 to 1 [ 1038.884387][T26928] loop3: detected capacity change from 0 to 264192 10:16:39 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x700, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:39 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200306100a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000002500000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:39 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac004800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:39 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x6c00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:39 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000800863000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300702a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1039.400530][T26935] loop5: detected capacity change from 0 to 16949 [ 1039.410905][T26940] loop2: detected capacity change from 0 to 1 [ 1039.431692][T26935] EXT4-fs (loop5): bad geometry: first data block 9472 is beyond end of filesystem (64) 10:16:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300703a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:40 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000422d00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1039.462656][T26940] loop2: detected capacity change from 0 to 1 [ 1039.470617][T26946] loop3: detected capacity change from 0 to 264192 10:16:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300704a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:40 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac004a00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1039.532826][T26946] loop3: detected capacity change from 0 to 264192 [ 1039.545553][T26953] loop5: detected capacity change from 0 to 16949 [ 1039.569400][T26953] EXT4-fs (loop5): bad geometry: first data block 11586 is beyond end of filesystem (64) 10:16:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300705a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1039.586173][T26956] loop2: detected capacity change from 0 to 1 [ 1039.672087][T26956] loop2: detected capacity change from 0 to 1 10:16:40 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0xec0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:40 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7400000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300708a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:40 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000002e00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:40 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac004c00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:40 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000000c63000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1040.271234][T26969] loop2: detected capacity change from 0 to 1 [ 1040.281396][T26966] loop5: detected capacity change from 0 to 16949 [ 1040.309009][T26966] EXT4-fs (loop5): bad geometry: first data block 11776 is beyond end of filesystem (64) 10:16:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300718a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1040.319419][T26974] loop3: detected capacity change from 0 to 264192 10:16:40 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300726a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000003200000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300773a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1040.391111][T26969] loop2: detected capacity change from 0 to 1 [ 1040.403681][T26980] loop3: detected capacity change from 0 to 264192 10:16:41 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac006000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1000000887700720030077ea6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1040.460585][T26986] loop5: detected capacity change from 0 to 16949 [ 1040.502129][T26986] EXT4-fs (loop5): bad geometry: first data block 12800 is beyond end of filesystem (64) [ 1040.536402][T26991] loop2: detected capacity change from 0 to 1 [ 1040.632134][T26991] loop2: detected capacity change from 0 to 1 10:16:41 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x2000, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:41 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7a00000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e100000088770072003007fea6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000423500000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:41 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac006800000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:41 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000001063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff02000000008000da55aa", 0x40, 0x1c0}]) [ 1041.169020][T26999] loop2: detected capacity change from 0 to 1 [ 1041.171931][T26996] loop5: detected capacity change from 0 to 16949 [ 1041.196444][T27002] loop3: detected capacity change from 0 to 264192 [ 1041.206416][T26996] EXT4-fs (loop5): bad geometry: first data block 13634 is beyond end of filesystem (64) 10:16:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff03000000008000da55aa", 0x40, 0x1c0}]) 10:16:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000003f00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff04000000008000da55aa", 0x40, 0x1c0}]) [ 1041.271807][T26999] loop2: detected capacity change from 0 to 1 10:16:41 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac006c00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:41 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff05000000008000da55aa", 0x40, 0x1c0}]) [ 1041.324872][T27013] loop5: detected capacity change from 0 to 16949 [ 1041.352076][T27015] loop3: detected capacity change from 0 to 264192 [ 1041.363070][T27013] EXT4-fs (loop5): bad geometry: first data block 16128 is beyond end of filesystem (64) 10:16:42 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x4000, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff08000000008000da55aa", 0x40, 0x1c0}]) 10:16:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000023f00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:42 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac007400000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:42 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0x7b01000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:42 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000002663000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1042.045787][T27024] loop5: detected capacity change from 0 to 16949 [ 1042.058971][T27032] loop2: detected capacity change from 0 to 1 [ 1042.073091][T27024] EXT4-fs (loop5): bad geometry: first data block 16130 is beyond end of filesystem (64) 10:16:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff18000000008000da55aa", 0x40, 0x1c0}]) [ 1042.092812][T27028] loop3: detected capacity change from 0 to 264192 10:16:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff26000000008000da55aa", 0x40, 0x1c0}]) 10:16:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000004000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff73000000008000da55aa", 0x40, 0x1c0}]) [ 1042.145837][T27032] loop2: detected capacity change from 0 to 1 [ 1042.154382][T27038] loop3: detected capacity change from 0 to 264192 [ 1042.182436][T27042] loop5: detected capacity change from 0 to 16949 10:16:42 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff7e000000008000da55aa", 0x40, 0x1c0}]) [ 1042.199559][T27042] EXT4-fs (loop5): bad geometry: first data block 16384 is beyond end of filesystem (64) 10:16:42 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac007a00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 1042.327900][T27049] loop2: detected capacity change from 0 to 1 [ 1042.401483][T27049] loop2: detected capacity change from 0 to 1 10:16:43 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x8ec0, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000084600000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6fffffffe000000008000da55aa", 0x40, 0x1c0}]) 10:16:43 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xa101000000000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:43 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac008900000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:43 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000003f63000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1042.953486][T27057] loop2: detected capacity change from 0 to 1 [ 1042.959787][T27053] loop3: detected capacity change from 0 to 264192 [ 1042.966670][T27056] loop5: detected capacity change from 0 to 16949 10:16:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff04020000008000da55aa", 0x40, 0x1c0}]) 10:16:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00030000008000da55aa", 0x40, 0x1c0}]) [ 1042.993957][T27056] EXT4-fs (loop5): bad geometry: first data block 17928 is beyond end of filesystem (64) [ 1043.062486][T27057] loop2: detected capacity change from 0 to 1 [ 1043.069156][T27067] loop3: detected capacity change from 0 to 264192 10:16:43 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000004800000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:43 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff80030000008000da55aa", 0x40, 0x1c0}]) 10:16:43 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac009000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:43 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfdfdffff00000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1043.166964][T27075] loop5: detected capacity change from 0 to 16949 [ 1043.198501][T27077] loop2: detected capacity change from 0 to 1 [ 1043.210676][T27075] EXT4-fs (loop5): bad geometry: first data block 18432 is beyond end of filesystem (64) [ 1043.236473][T27079] loop3: detected capacity change from 0 to 264192 [ 1043.304203][T27077] loop2: detected capacity change from 0 to 1 [ 1043.341901][T27082] loop3: detected capacity change from 0 to 264192 [ 1043.391086][T27081] cgroup: fork rejected by pids controller in /syz3 10:16:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000004c00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff02040000008000da55aa", 0x40, 0x1c0}]) 10:16:44 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00c000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:44 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfeffffffffffffff, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:44 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0xc00e, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:44 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000004063000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff06040000008000da55aa", 0x40, 0x1c0}]) [ 1043.850034][T27175] loop2: detected capacity change from 0 to 1 [ 1043.858451][T27167] loop5: detected capacity change from 0 to 16949 10:16:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00050000008000da55aa", 0x40, 0x1c0}]) [ 1043.894171][T27178] loop3: detected capacity change from 0 to 264192 [ 1043.894524][T27167] EXT4-fs (loop5): bad geometry: first data block 19456 is beyond end of filesystem (64) 10:16:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff04060000008000da55aa", 0x40, 0x1c0}]) [ 1043.968475][T27175] loop2: detected capacity change from 0 to 1 [ 1043.974198][T27178] loop3: detected capacity change from 0 to 264192 10:16:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000024d00000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00180000008000da55aa", 0x40, 0x1c0}]) 10:16:44 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00ec00000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00200000008000da55aa", 0x40, 0x1c0}]) [ 1044.078164][T27190] loop2: detected capacity change from 0 to 1 [ 1044.088535][T27191] loop5: detected capacity change from 0 to 16949 10:16:44 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xffffffff00000000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1044.121411][T27191] EXT4-fs (loop5): bad geometry: first data block 19714 is beyond end of filesystem (64) 10:16:44 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00260000008000da55aa", 0x40, 0x1c0}]) 10:16:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000025200000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1044.171843][T27190] loop2: detected capacity change from 0 to 1 [ 1044.183805][T27197] loop3: detected capacity change from 0 to 264192 [ 1044.205111][T27202] loop5: detected capacity change from 0 to 16949 [ 1044.216405][T27202] EXT4-fs (loop5): bad geometry: first data block 20994 is beyond end of filesystem (64) [ 1044.244658][T27203] loop3: detected capacity change from 0 to 264192 10:16:45 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0xc08e, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff003f0000008000da55aa", 0x40, 0x1c0}]) 10:16:45 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac007b01000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000025300000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:45 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xffffffffff600000, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:45 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000007163000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1044.729270][T27206] loop2: detected capacity change from 0 to 1 [ 1044.747038][T27210] loop5: detected capacity change from 0 to 16949 [ 1044.757507][T27210] EXT4-fs (loop5): bad geometry: first data block 21250 is beyond end of filesystem (64) 10:16:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00400000008000da55aa", 0x40, 0x1c0}]) [ 1044.780900][T27215] loop3: detected capacity change from 0 to 264192 10:16:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00730000008000da55aa", 0x40, 0x1c0}]) 10:16:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000006000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1044.834997][T27221] loop3: detected capacity change from 0 to 264192 [ 1044.843247][T27206] loop2: detected capacity change from 0 to 1 [ 1044.865825][T27223] loop5: detected capacity change from 0 to 16949 10:16:45 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00a101000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff007e0000008000da55aa", 0x40, 0x1c0}]) [ 1044.890666][T27223] EXT4-fs (loop5): bad geometry: first data block 24576 is beyond end of filesystem (64) 10:16:45 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff03800000008000da55aa", 0x40, 0x1c0}]) [ 1044.984334][T27233] loop2: detected capacity change from 0 to 1 [ 1045.102780][T27233] loop2: detected capacity change from 0 to 1 10:16:46 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000001e80)=ANY=[], 0x20001290}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/71, 0x47}}, {{0x0, 0x40000, &(0x7f0000000780)=[{&(0x7f0000001ec0)=""/4096, 0x20002ec0}], 0x1}}], 0x2, 0x2100, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x8f5}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) sendmmsg(r3, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc041) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 10:16:46 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xfffffffffffffffe, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) 10:16:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f0000001b6000000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) 10:16:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6fffffffffe0000008000da55aa", 0x40, 0x1c0}]) 10:16:46 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a000000ff45ac00f801000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 10:16:46 executing program 1: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0xfffffffffffffffb, 0x4, 0x0, @buffer={0x0, 0x42, &(0x7f00000000c0)=""/66}, &(0x7f0000000040)="59369ae4", &(0x7f0000000240)=""/249, 0x0, 0x1, 0x1, &(0x7f0000000140)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="02010f00000001000000ff0700000000007e63000800000000000000004000ffffffa500000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 10:16:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6fffffffeff0000008000da55aa", 0x40, 0x1c0}]) [ 1045.628251][T27239] loop2: detected capacity change from 0 to 1 [ 1045.641124][T27247] loop5: detected capacity change from 0 to 16949 [ 1045.658712][T27247] EXT4-fs (loop5): bad geometry: first data block 24603 is beyond end of filesystem (64) 10:16:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00000800008000da55aa", 0x40, 0x1c0}]) 10:16:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x846a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000016100000200000002000000008000000080002020000000dcf48a5fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000140)) [ 1045.688940][T27244] loop3: detected capacity change from 0 to 264192 10:16:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff40000800008000da55aa", 0x40, 0x1c0}]) [ 1045.731619][T27254] loop5: detected capacity change from 0 to 16949 [ 1045.750717][T27254] EXT4-fs (loop5): bad geometry: first data block 24833 is beyond end of filesystem (64) [ 1045.761609][T27256] loop3: detected capacity change from 0 to 264192 [ 1045.762120][T27239] loop2: detected capacity change from 0 to 1 10:16:46 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a6ffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e10000008877007200300700a6ffffff00002000008000da55aa", 0x40, 0x1c0}]) 10:16:46 executing program 3: r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x2, 0x0, @fd_index, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x304, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)) [ 1045.874580][T27263] loop3: detected capacity change from 0 to 264192 [ 1045.955156][T27265] loop3: detected capacity change from 0 to 264192