program: r0 = syz_mount_image$vfat(&(0x7f0000000480), &(0x7f0000000040)='./file2\x00', 0x80000, &(0x7f0000000240)=ANY=[], 0x1, 0x1203, &(0x7f0000002200)="$eJzs3E1rY1UYB/CnsWNrx76o42hnoQfduLpMu3AlSJEOSAPKOBVmBOGOvdGQaxJyQyEijq7c+jnEpTtB/ALd+BncdeNyFuIVknlpZjpqF01Af7/Nfcg5/5xzEwiccM49fuu7zzutKmvlw2gsLESjH5HupkjRiPte2Ztcb97a22k2d6+ndG3nxtabKaW1V3/+6MsfXvtlePHDH9d+WoqjjY+Pf9/+7ejy0ebxnzc+a1epXaVub5jydLvXG+a3yyIdtKtOltL7ZZFXRWp3q2Iw1d4qe/3+KOXdg9WV/qCoqpR3R6lTjNKwl4aDUco/zdvdlGVZWl0JnujCP3fZ//5uXdcRdX0hno66rutnYiUuxrOxGmvxdUQ8F8/HC3EpXozL8VK8HJvjXrOYPgAAAAAAAAAAAAAAAAAAAPx//N35//XYcP4fAAAAAAAAAAAAAAAAAAAAZuCDm7f2dprN3espLUeU3x7uH+5PrpP2nVa0o4wirsZ6/BHj0/8Tk/rau83dq2lsI74p79zL3zncf2o6vzV+nMC9/OK47X5+a5JP0/mlWDmZ3471uHT6+Nun5pfjjddP5LNYj18/iV6UcTAe+2H+q62U3nmv+Uj+yrgfAAAA/Bdk6YEH6/elE+v3LHu8fbI+jtg82/8Dj6yvF+PK4rzvnmr0RScvy2IwXSw/9ori3xeNc3rnRpzv5GP+H53iicXCQsQMB533LxOz8PBLn/dMAAAAAAAAAAAAOItz3kW4GKfsLHt7PrcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7EDxwIAAAAAwvyt0+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIChAgAA///P7std") r1 = open(&(0x7f0000000780)='./file1\x00', 0x16f043, 0x195) ftruncate(r1, 0x2007fff) r2 = socket(0x200000000000011, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/partitions\x00', 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_INTERRUPT(r6, 0x4048aecb, &(0x7f0000000040)=0x9) truncate(&(0x7f0000000040)='./file0\x00', 0x2000000000000006) r7 = syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x200000, &(0x7f0000003d00)=ANY=[], 0x8, 0x33b, &(0x7f0000001ec0)="$eJzs3U1rE0EcBvBnNi9NbKlrWyl4rBY8lbYeFBEUKV78Ah6kWNstlK4Vmgq2IEbPIt4EwaM3z6JfQS/iF9BTD8WTXoqgK/OyyWw6u01jm03N84OmSXZe/rM7szuzUhdE1Leuz319c2Fb/ogSgAKAy4AHoAIUAZzGeOXB2sbKRhgsZRVUUDnkj4DOKfakWVwLXFkrKyaH4ctPRQzZ39HRiKIo+rZvqh9diYXyI/TY38MDBszoVNsrXY/saNR1u/qLdYTFLnbxEMN5hkNERPkz13/PXCWGzPzd84BJMw8/7tf/xPxmN784ekLj+u/pz5GQ++ek2tRc76klnDz6XrxKdJXl7BNRc3eXoXtW4gCI/VaVKhavurwSBlN1VcBTXDWsZGPqdQlxQ5S0aMv614RjbZohq+3ZBlUbSrINpZT4Rw9c44cdvHRXN/+pjZjER/FZzAsfr7DUmP8VIyF3jto/PlC1M+j4p9NLVK30dapEK5vr91OqkjPxEXj/ttnKatp+raAgY3GRpYjW+bsfx/minJ4LI0jeVtCtm0lvnco16sw12/j8y5lrrDVXdbkUBlOL98PMWymHxrmiE8/FLTGB73iHOWv+78nUk0gfmfEo/63SqJSmZ2S2p6hSphzHBDWA72WMzGobhfSlG84DndQ6Wp7hLi5huLa5tboQhsF6/m/iodIj8eiOKPSlQn4jf1tpUJFvSgAOrdI/URQ5NxVxmA1Mi7mkWnzxtT4MwXpNnWbr+mMHdZnjWa9tbqGu96GV5lpqdutusPwmPiN00uTHjVyy/x8k+09Te23T3SGFFWH5aDtkXFViUwEDmSNlwPTVageV3ny0uhAmzha8E/+fskbr+O2dK3mHQ90n511Cr/+s9cq0OuvIFz9jNRLtV7hV4kzKCmhEvZ5obwXXKDZ1njgYvwmD2aw119nzwLmWGj3ENT5pLdY3cfbkudD5TxmZ02Uxhy+4w/v/RERERERERERERERERERERERERETHzUH/GqGTPydI1rjdh//xBhERERERERERERERERERERERERERERHRv7Ge/wsU1BNjyl1//i9anv9baOP5v/FzKYioY38DAAD//5LcWh4=") unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105442, 0x22) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000740)=[@textreal={0x8, &(0x7f00000006c0)="66b8dd2b00000f23c80f21f866350800d0000f23f80f01ca660f3801064f44360fc77000360f01c566b8000000000f23c80f21f866350c0080000f23f8b800008ee06f66b93b0900000f3266b9800000c00f326635002000000f30", 0x5b}], 0x1, 0x8, &(0x7f0000000980)=[@dstype0={0x6, 0xf}, @dstype3={0x7, 0x7}], 0x2) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000003cc0)={0xec, 0x0, &(0x7f0000000840)=[@clear_death, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000a00)={@ptr={0x70742a85, 0x0, &(0x7f00000009c0)=""/33, 0x21, 0x1, 0x3b}, @fd={0x66642a85, 0x0, r7}, @fda={0x66646185, 0x6, 0x2, 0x1e}}, &(0x7f0000000680)={0x0, 0x28, 0x40}}}, @transaction={0x40406300, {0x4, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000540)={@ptr={0x70742a85, 0x2001, &(0x7f00000004c0)=""/79, 0x4f, 0x0, 0xd}, @fda={0x66646185, 0x8, 0x1, 0x3d}, @fd={0x66642a85, 0x0, r7}}, &(0x7f0000000600)={0x0, 0x28, 0x48}}}, @free_buffer, @enter_looper, @reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000400)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x10000001, &(0x7f0000000340)=""/138, 0x8a, 0x1, 0x1a}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}}], 0x61, 0x0, &(0x7f0000003c40)="0022bbaa30c6f958a2293543cd068ddf60827b99382c8c4d3907623c6d7e28f0883fc1f5f476b6a5c167b007053fe85a87846e1a376e4c0ee41e0cced619da990846054ca58184883e8cee5cb917228622ebf67f975385d64f39dd32db20d5be9e"}) r9 = socket$nl_route(0x10, 0x3, 0x0) mknod$loop(&(0x7f0000003d80)='./file2\x00', 0x8b6, 0x1) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)={0x0, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x34}}}}, 0x108) r10 = socket(0x22, 0x800, 0xffffe502) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f00000007c0)=0x6) r11 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r11) getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3c) sendmsg$nl_route_sched(r10, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0xb, 0x0, 0x0, r12, {0x0, 0x4000}, {0x6}, {0xd}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x10}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0) truncate(&(0x7f0000000240)='./file2\x00', 0x7fff) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200)) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095", @ANYRESDEC=r9, @ANYRESDEC=r8], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff, @void, @value}, 0xfffffffffffffea6) [ 69.480479][ T4663] Bluetooth: hci0: command tx timeout [ 69.586504][ T5315] loop0: detected capacity change from 0 to 8192 [ 69.631314][ T5315] netlink: 4 bytes leftover after parsing attributes in process `syz.0.0'. [ 69.636753][ T5315] loop0: detected capacity change from 0 to 64 [ 69.644252][ T5315] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 69.648682][ T5315] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 69.651652][ T5315] CPU: 0 UID: 0 PID: 5315 Comm: syz.0.0 Not tainted 6.13.0-rc6-syzkaller #0 [ 69.654890][ T5315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.659051][ T5315] RIP: 0010:hfs_find_init+0x72/0x1f0 [ 69.661020][ T5315] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 54 14 84 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 10 01 00 00 41 8b 06 8d 7c 00 04 be c0 [ 69.668138][ T5315] RSP: 0018:ffffc9000d2df400 EFLAGS: 00010202 [ 69.670177][ T5315] RAX: 1ffff92001a5be9f RBX: ffffc9000d2df4f8 RCX: 0000000000100000 [ 69.673365][ T5315] RDX: ffffc9000e4a2000 RSI: 0000000000001ba5 RDI: ffffc9000d2df4f0 [ 69.676201][ T5315] RBP: 0000000000000000 R08: ffffffff82830e5f R09: 0000000000000000 [ 69.679069][ T5315] R10: ffffc9000d2df4e0 R11: fffff52001a5bea3 R12: ffffc9000d2df4e0 [ 69.681861][ T5315] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008 [ 69.684726][ T5315] FS: 00007f867b6f16c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 69.687829][ T5315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.690074][ T5315] CR2: 00007f866e807c00 CR3: 0000000043d02000 CR4: 0000000000352ef0 [ 69.692957][ T5315] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 69.695650][ T5315] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 69.698416][ T5315] Call Trace: [ 69.699704][ T5315] [ 69.700780][ T5315] ? __die_body+0x5f/0xb0 [ 69.702494][ T5315] ? die_addr+0xb0/0xe0 [ 69.704068][ T5315] ? exc_general_protection+0x3dd/0x5d0 [ 69.706090][ T5315] ? hfs_get_block+0x26f/0xb60 [ 69.707951][ T5315] ? asm_exc_general_protection+0x26/0x30 [ 69.710051][ T5315] ? hfs_get_block+0x3bf/0xb60 [ 69.711605][ T5315] ? hfs_find_init+0x72/0x1f0 [ 69.713373][ T5315] hfs_get_block+0x4f4/0xb60 [ 69.715012][ T5315] ? __pfx_hfs_get_block+0x10/0x10 [ 69.716860][ T5315] ? _raw_spin_unlock+0x28/0x50 [ 69.718593][ T5315] ? create_empty_buffers+0x471/0x530 [ 69.720509][ T5315] block_read_full_folio+0x3ee/0xae0 [ 69.722500][ T5315] ? __pfx_hfs_get_block+0x10/0x10 [ 69.724414][ T5315] ? __pfx_block_read_full_folio+0x10/0x10 [ 69.726426][ T5315] filemap_read_folio+0x148/0x3b0 [ 69.728272][ T5315] ? __pfx_hfs_read_folio+0x10/0x10 [ 69.730120][ T5315] ? __pfx_filemap_read_folio+0x10/0x10 [ 69.732102][ T5315] ? __filemap_get_folio+0x848/0x940 [ 69.734060][ T5315] ? hfs_btree_open+0x4cb/0xf40 [ 69.735789][ T5315] do_read_cache_folio+0x373/0x5b0 [ 69.737748][ T5315] ? __pfx_hfs_read_folio+0x10/0x10 [ 69.739647][ T5315] ? do_raw_spin_unlock+0x58/0x8b0 [ 69.741390][ T5315] read_cache_page+0x5b/0x170 [ 69.743308][ T5315] hfs_btree_open+0x506/0xf40 [ 69.745060][ T5315] hfs_mdb_get+0x1443/0x21b0 [ 69.746795][ T5315] ? __pfx_hfs_mdb_get+0x10/0x10 [ 69.748607][ T5315] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 69.750806][ T5315] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 69.752902][ T5315] ? __raw_spin_lock_init+0x45/0x100 [ 69.754801][ T5315] hfs_fill_super+0x38c/0x6b0 [ 69.756593][ T5315] ? __pfx_hfs_fill_super+0x10/0x10 [ 69.758540][ T5315] ? do_raw_spin_lock+0x14f/0x370 [ 69.760511][ T5315] ? sb_set_blocksize+0x98/0xf0 [ 69.762375][ T5315] ? setup_bdev_super+0x4e6/0x5d0 [ 69.764352][ T5315] get_tree_bdev_flags+0x48c/0x5c0 [ 69.766332][ T5315] ? __pfx_hfs_fill_super+0x10/0x10 [ 69.768358][ T5315] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 69.770437][ T5315] ? apparmor_capable+0x13b/0x1b0 [ 69.772267][ T5315] vfs_get_tree+0x90/0x2b0 [ 69.774073][ T5315] do_new_mount+0x2be/0xb40 [ 69.775746][ T5315] ? __pfx_do_new_mount+0x10/0x10 [ 69.777740][ T5315] __se_sys_mount+0x2d6/0x3c0 [ 69.779555][ T5315] ? __pfx___se_sys_mount+0x10/0x10 [ 69.781507][ T5315] ? do_syscall_64+0x100/0x230 [ 69.783377][ T5315] ? __x64_sys_mount+0x20/0xc0 [ 69.785014][ T5315] do_syscall_64+0xf3/0x230 [ 69.786677][ T5315] ? clear_bhb_loop+0x35/0x90 [ 69.788462][ T5315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.790657][ T5315] RIP: 0033:0x7f867a9874ca [ 69.792442][ T5315] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.799503][ T5315] RSP: 002b:00007f867b6f0e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.802711][ T5315] RAX: ffffffffffffffda RBX: 00007f867b6f0ef0 RCX: 00007f867a9874ca [ 69.805384][ T5315] RDX: 0000000020000080 RSI: 0000000020000300 RDI: 00007f867b6f0eb0 [ 69.808430][ T5315] RBP: 0000000020000080 R08: 00007f867b6f0ef0 R09: 0000000000200000 [ 69.811338][ T5315] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000020000300 [ 69.814277][ T5315] R13: 00007f867b6f0eb0 R14: 000000000000033b R15: 0000000020003d00 [ 69.817148][ T5315] [ 69.818284][ T5315] Modules linked in: [ 69.820237][ T5315] ---[ end trace 0000000000000000 ]--- [ 69.827499][ T5315] RIP: 0010:hfs_find_init+0x72/0x1f0 [ 69.832594][ T5315] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 54 14 84 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 10 01 00 00 41 8b 06 8d 7c 00 04 be c0 [ 69.840764][ T5315] RSP: 0018:ffffc9000d2df400 EFLAGS: 00010202 [ 69.843094][ T5315] RAX: 1ffff92001a5be9f RBX: ffffc9000d2df4f8 RCX: 0000000000100000 [ 69.846096][ T5315] RDX: ffffc9000e4a2000 RSI: 0000000000001ba5 RDI: ffffc9000d2df4f0 [ 69.849132][ T5315] RBP: 0000000000000000 R08: ffffffff82830e5f R09: 0000000000000000 [ 69.853061][ T5315] R10: ffffc9000d2df4e0 R11: fffff52001a5bea3 R12: ffffc9000d2df4e0 [ 69.856144][ T5315] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008 [ 69.859137][ T5315] FS: 00007f867b6f16c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 69.863639][ T5315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.866148][ T5315] CR2: 00007f866e807c00 CR3: 0000000043d02000 CR4: 0000000000352ef0 [ 69.868949][ T5315] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 69.872301][ T5315] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 69.875397][ T5315] Kernel panic - not syncing: Fatal exception [ 69.877883][ T5315] Kernel Offset: disabled [ 69.879529][ T5315] Rebooting in 86400 seconds..