0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x0) [ 2482.284541] No source specified [ 2482.290781] No source specified 09:27:34 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2482.416771] No source specified 09:27:48 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:48 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 1) 09:27:48 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 1) 09:27:48 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:48 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:48 executing program 3: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x1b7) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000200)={'#! ', './file0', [{0x20, ',-,{-+'}, {0x20, '%L\a\x00\x00\x00\x98t\x933-v\xe9\xe0\\\xfd\xdd\x90l\aT \x00\x00}'}, {0x20, '#[\xc0\x8c$:'}], 0xa, "7e7756990b3e0838317cdbfb868c8b2052a2b42107d76feec53976b58c2e4e36e271b0d3fb67a545"}, 0x5b) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) fcntl$addseals(r4, 0x409, 0x4) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x800) sendfile(r0, r5, 0x0, 0x68e146a1) 09:27:48 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010", 0x4c, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x800) setfsuid(r1) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000380)='./file1\x00', 0x1a, 0x5, &(0x7f0000001700)=[{&(0x7f00000003c0)="5906bb241d8234ddad09b635cd392019bcce98f110675a69ba22d3021b92d7528f84ba51aa8ca515dd171fc26290cc9530a13aa18ecf1dacdf5e08425c84eb24a592b39a09d77464d9851d7efeee761a6c298a3f87453fccd79fc203134c5cab8084b3a8d00b1931cc89b5f60bf1a0b678c65fb6a55e46b2b8103740ec630143d5f7ded761339d3e1341c7d19d347dc565af2158291f4b6ebcb8a8dbd1c3ba6f77c59cfcf1b9c978330fc26f8cf20f47fa040d4cac1fce020466c2bcd0852a82a93a5bc326a15ad61548a7b11fb1de3d444d7946fe7e05a6c430c72a976898747cb77122cff217f3ede70272a4767f640fb055d75c5de0894a2291c85b726a627b963eaca3b87ec928bca0c6bf68c9bd41be8081fba14dda3bc2167ba721af2816984018c4f7dfc90845e93290a4d67c8dc59e614f66fea0a95165228c447897bbc933a65a39046046e37f2906ce6f94d3b6e8ab2f68a80fc13fc484af8724ba9e129896731b77201e62d0d48f575947e6aaecf41ef7d355d048a79f97242305569964470ec3350a7c5c6b1f38aeb0728cbeb1c6e31945f18ffd7d35284941d9505b84cc9700be96bbcceb9dbbcdd2f2bdbc815e636b27c4bf619444371a97ea49b56a03e795dc3ccdcfcfa525e8e6778308188afd47f2d9ba697d332892be9d468d1522a37d8ac7a21d284c9b809dafeae28460a9287e83f741595f441acc19d9cf638e2c63d57e2c43eb08883534c3f8188f99c908ce757dd4feaf5322d18eb0173f614d8a9f79bf41ffce6e3aa16f4710db9120195f241899a571cf9c2af6f239a385de668037b0bbe856210fb9664620b9ccabf137aaa2d2e4f556b461c89b8fdb062e64455618787591becfa0e0883704a9fdce853143f264eb6766aae9cba1fc9680c40db06def0a093063ba54a6913af3172b6f1469849ec7a323d356043f58ba9e577e1f76ad7b7b239e63ad03db9a0c12d7cc96357ed0fee917785376716552697d9cf44e74579f36d7d10fb1a86c10612d48954d0510bb08272bbb6f61e079bd9a85061b813b1a67a557244c67e63f42eeec46804af8fa1056ef147586df751a72a1b192bab0e5525462c71de71b10aefb66dae4ef00bb8db2b7defd53dbb63b24dee4be24851d60325f16db295e3de0533063a9866c963707ae1e27b933aa84370c4c0b1b0b49e84e0139a74710ffe2beefcb5a428343c98b7134fd84cc5d852abb5f674399a35e2072a3871b11d7a77c3e81182ff31cb36df8b778c850c9a0dd978d762d25f4903ee238af69024cfc7f64b602d312974da9fa751dd937942d1c8cb6f7e9aea59612b7a60cedeb88234667405f3b322b03475802c09c710d2789f8ebf806535f56435e5ffe636584493dd36d3cf514efc459dd28a815f07ad39638c5f1b825496ab899b77a2027c493038b150398b66364a97fa77fd1337e3f0184a8136be8b3c8e348add0f7e443e14237601326fee700e93fab7c88ea03a58a3833aab49426a3732a3be716ded8fd2dfd994e3b57adaf1fcfa6a4f14b01bb6a1ad280d2d30817d4b79800ab1addd303bb038d657a5063b468db090ad63d62b83d1b0f454a0c79fd4f694d8d1d9665549f383365f2edc630ae22bbc67d5e6147f5fdc217fe615654dc3fc7545a71e20001b0261b9ff490ba34d47153efe0b27db61572ea2933a707104195d6a6e38664c62e89dcde0459f7db5236e8f419ec689d7fb8d4ccf0faa327e139c5456fdcadba3bde5cf2bac6012d2a00fafae54856ee405c47ff45527ead83b9e20807a643aba14a9080c96c3d0e9ef7d2dbc61c122202c27f14da01c757828319dd45550c97ba26e369d1cb4036be1e35494ec07e3685d46bc634bfd2f8f053e8984b31ee1f8639bb709c4dcf2f999dc78f9b738233191b8955bf5306431c0d8a308ef0a8b19a1d79cce35e07e92c1fe020345075b44dbe3e4bcda4c57b86c2251a8439c893210b0f00d7be31db4cbd284358ba44385d5db982531f25478a4c19045db292aa9e842fae3568057303f9faffdea9ee4d0dcb3265874391f4db1c8252d19fa1481057f62ef2bf183b0dc562332b0d42c42d71227f3c25cc9b636e47bf9c952aeab5aeabf1805ef35ba0a9898ee64d733a3168035082f9a839dd940246f765ad0df0136edf4dee4df4ca5df177352432faa38af83516db24e41b8ce25bfe0d8352813ef5aa17215ac9181ff52705cf4df88fc17a43c0152aa0352283b9938c93eb737be95a8b8d9dfba10643636ce269b3113f5f04db55e686a9b9c58c239eff9737b1d2ecba68d2aec2ed4009708f7450c405052d95c6a6b4ba230423027687d5c773bc264cb6e471f70fac28c00f72fc3dd69f35a44be86cc2629c014186b8dd8698b4663273efcbeb7b981bc0c8cc652b715737c50a1f9e73ae13d7d3e164f2db734682c93bac6cfde6f3c0b48adcbd5756a102a7f00e82889be3f9987fad7bf892640f466cd3ef5629eba621e38b28adccad0d47d53a3322f404fa70e64e24604d07f8e13d2d7dab3083e3f8741cc27fdb3da18654fe8e8aa004d5fe9aea61838068fd8f0eb7771b0480fc4767aa030b550be6a4bb493b03dd646503b28989d6ecb33409c24254a02f1c6902e97ad347bb7b2ead0a3a20b4840f4b09af8e0bfea2c028711964857e7c958ba935c0015ab6c6acee81bf5532dcca865e7c262f76a86fd7f8d6fd65d3ef6c53e380ac0caa3339f1e51eafd5c5e0a7f85aaf2ff936f9473b82737b810a8af23774c3bad1f80fee73b939b60cd976ac260b68796783a53e3b95ccf34cbe53cf47274896b1b019be13278fb6332e230177fa7d1dfec8675679c0d8cc5b40b1df3bb4ddb80ad8b115b72f6bb35e3b6f2e4858b38e2aacdc7ae2764d483d2c1df4e2a35f335cef93b28e3c7231099a2e8255839abd2c1a750a30619f900c54ecd330e2415e18d2a600a5225ca91ae563c31c9272515fb2b6468b449816eae58c6b4ab277ecbbf1da3d352eb2fc1fe9a37613ceaff76ae7b69ac91cfafe057ea6fc45703ba93295f6d8d60395fe7f1161d894982d87423f5060ddce484bd8742703d055ac74b6f0f1eb30ec2276328756a9ffdf776b1f88938dc47f821950db084314dbc362403895fd239169f9243bcf1715d5735bf183cafca8dc8ce779f91a7f1cb580b83e6d89d2d3013c81ad6fc377d1beaf1d5e246d3f0aca0b00ae42db4cc1876c7a5bd5679cfac5a9458ebedcb220c16dbb3ea38d18472b1f379fdad38aee112519b99b041340ec96ecbcec40f5c7c407520ed035157bcae9df2fef8dee37df60581582bc78b1206f2219a837e66cb090bc56ab37b64612f64bff44d00ae5ff1d9aff2b5fc48e607ecb38dfe987dc30019b4d08f9d31e735b2fa74f6d876f88ea7277462458211e1b8988a5837bfadf5b9c2db2fef368e5bb0c1984915d1ffc423193974b36059818844eb5d88c0782df354ba3a325f5f32e771662a4c0ace9594ab3da04c23acebaa3ced4ea544cc369ce60e3f8bd6e3cf5ef78a1d15bc14b9675b6a84977ea2a9ce11a56c4a0de99dcaf2fe6dd60cba9fea2549ddc165a516bbcc7915e5f252979e0c58eead3a671b665b0541da31f6d402b4f19b01327e47c3fb44e9201d280e12b111686fa96578a8d9c5fd93fa80ce0e2aa10bb881d105bb803288e493c0a811c0d52f105e8b4fd5f217dd935388aedca62cb87739b4a689b9408c0efe5b2c654876f721963998d4847dba6423adca9bcf756d3cc2b3c645e8be0bb880f91a465c9d6d1c20a0a46178ced5055b9c1ae28dd7579b35e3b3d736fd3b2a416c48ed5f17d47aef0924da1e349ded67a9dae0269db21233e7e6e9a2725e0d953a7ef4d61b9d8b78f5be1c4326975cddf35cdbf2274d02fc4886d9c6457bbcfc1043b7500d97965f3eed3d8b50709274533757455415994f68a0d93a020d20d4cee1f312aaa47dcf6d1bd8a445b1f23dfa843cabcced1feae69d4f79e45524034896765661f30c6e99b406ec27f4b3add5e685b242b96a3af160fc8fa2531ad41e58d8e516d878d46cc2db9dd71679913480b2f5fe99eb28c552e58358819d4fae2cf7b883e7da8350805a73e2220081a05ea662e5bfa612a88b247e34ceee62ed1c865a9384c9b91328e732ec1f63753f870d45556c508a26b625b9a4865027628e3c8d0145be563eef8941fa789f8b70c108e1ac2872dae0e2d4dcd430e6c37f969e7e15363fd54401abca321f8ff4cafd7979dce4048407acd580a56c197ebfabe5564a5f0cb0f1f249b4e634b24b47c1054f992379961361f6670003d0fc05db8c4292ece6116d6c058364446c7007b663593ce6bf3c54f1c7065481d59f1994c129ea7231ec2183835da9603c17d2979df07377af1118010f7160cf636647a3f82b2e9cc743c8cc53eafd786fd564087e12b2d84e2dfb189f54b3bd08dc38c29d1be4abc442443bbdfad522c39413b0d1f953952a58db147baf6d023f288fb30fb7cb55590b8b5164fa6bd8c97f30fb3737565c069abeceb919bbd0a3342d4157e27465caebd9fca83d8747d9e8c63f345935888f72fcb898d9de0966faa7d6197fd8ddceac63c56742873854949e0b6613eb51f8e39b89ea59d5ea90890f114a16d6e914b52869159455bac7b589a229ccadd594e074c93946e010761e8435202d24141272bafd803b04ed7b8ac6f6022a04a510ddf8570e77e161e9a6ef0c9c7ef6c86fa4ea6144edadb16fc8fbe586f876fd6e7a630b49d8c9666c4c5b89f79b8809d6de0e459c6fe20343c6adaee94c40b7dc3ff4a1f665f81e5d2eb7671b18c72097ab39c3ccd506a5eaf360656e59f8f496baef83a5925ff9361c3a9a0743ec5ff3c40ce1f0a39410b0150f1575526135904a6c77d1075d86acd7d809d05e1fcf20636d9a6c90203561d7b4d037567c5f9e803ecf8ff0cf24878805cde7c841100bd003573c8afbde8b07494e490f2f8ee077379843ac1175ab41a11465f998a51b0c1c82bcc669395fd0001c66af7327733b6b4e22ca2ab5d22a33c62f2b126c3bc3dffe1b23bf8f9be6df9d26dc5596eef3659fca546bebb0eb2165742750348a54dfa42140876166b4a4687669530b4c6741bff1fa59b7201f64e14bd15773be507cbcb0300d7ba1b41d60d980cf01afea3004bc9c73b2ff49a229f18c3926d9499c0a355aaa548e64e51ac0580f866cfcad00da1166dc450498218f58cc2ad0b84e72d14f028c1108b3c88a7acb8b711bc51c535173077707b9073093ef38895916c062ce8fbd5c10e0462c93365ded2b8bfcef205d3901aa9a51ec2bf240a1d2bbfcca652392c89b38e7c73b5d7b68e6e47ef6999d3b071aca49061454788a6bc89c82bf74daf4dc3cd85bbc459f4fc9cad59c68970c6d8d1167fedb054e035d38138baa02049ea859782f64a391df388c68c7e92d167a43ccf90d0faa144342b8dcd2419cb0804ef687795f89492825deb9fdf73b27ea75c5fe7f5d5277b064d0675447a5117cb9b19eade9b6ec542329b5f3a040738a25e94d9dfd94d1846ae7c04fb179ef4dc63fb443f63149f4c1a0aa7216cc83fb7d617199b7106f2b476df1fe77c2c69540fa1f29f6563aa543c3884b9aa56ed87c82ab64128492698f61517c3564b6de14a6a253815bcb687e0b0d265aececec13780b6ef3b3de0926ef48d1e5c6383c620008abe510890b9156619f1a6e59aef335403ba39b513f65c8d5229aaa4d4016203f9b7749e4c2e6e3a9a3d03611a2cce61d366b8b75f2ad543765cc9e08e4225d58ce7b3a9", 0x1000, 0x100}, {&(0x7f00000013c0)="ca46641306074bf61d28fb8f3c3c7b82dc39205f83c8e8a8b8aeafc78f3c7380221535c710204945534a89b7067209b07fa823c9df284d5b31bb2f3217efd873ba07fe0c9b055e2b0241144e9b32fdc6a69c30019e39483d4e9faa214abad3ada6f2ba3db942abb9ed475c1eb098823389fd5e7eafcc25cd67d075ffc483ef2e60a2235f0717a049b21f073b859165712e5dd5c2c2324248", 0x98, 0xb2c3}, {&(0x7f0000001480)="82e8ca82504f4884057d0bf6b41c13e48536e7a20cab637c96a48c21b4cc4939f61781ff1414a1427a091967f5252bbcfcaf73f1c7d04722c3695a22155091d60d38aafc34dd9b75678338d9232930302a06cc978918eaa4357b2f5afa38e744974b0bbdc668a3ee72d37ed9724c58c2d8c9debeda65651864280fecec2e80c981a5cb508f654276dabedcebc143f09bf18c691446e200a34f417739e181962810793308822eb3f4e9d33739c2f95289f457d52351b4c9ce92e16d99a203752d01fb3f7d7d68db6dcf3b16c2d79d0e6950364ed42e17d8e63b9263172990e8e45353d6472c1a6d46ba", 0xe9, 0xd0}, {&(0x7f0000001580)="76dde27c4e7f41408cca08d0c236b49c104a89f6469d3df77ef361a3034829e5fc6acf6b59efa672454aad8b342c80f63dda57838b826313d0f675c46e3cd95b7b2b53504d25fc256006eebe4fe1fe24f9998abde65fe519b4c7035fbab60e23f46184158e6ddb1551069b5ba9e7206543ad29f80c77c292dfb3211b387202e9549b77dbcebddf18b918c9a5a15b7d127ef2b437f3b8410fcde3ee4e327a81f644187ffe9fdcb4de20f7178fa4c301a943c93f1c2576001921057c0656220fc3226feda4fb343997bbd003095d6690fca3cb417aaf580acf5cef75dc23d5b0c9e3e8352b18a3fc0bae96e4edd3d679707f932878a090edae9b13", 0xfa, 0x1ff}, {&(0x7f0000001680)="e849a05eaa528a55c2c786280759a1e024909c1a733d5370a401c3d5eee54d9928a168e8f7ca2b9a535d41026c91b65817c878a03ef479d4abe9b2db4c1c0a4128f88a47e702fe5718e7cd43f0fbc4de735889ab8d8ad1354c9312a43067416423ffc63ee59ff4cf08493c9ed9a645b0cc9993ebe60c0623ae", 0x79, 0x4}], 0x220011, &(0x7f0000001780)={[{@shortname_winnt}, {@utf8no}, {@uni_xlateno}, {@fat=@flush}, {@shortname_lower}, {@shortname_lower}, {@rodir}, {@rodir}, {@shortname_winnt}], [{@audit}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@fsname}, {@fsname={'fsname', 0x3d, 'vfat\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@euid_lt={'euid<', r1}}]}) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)=""/225) setxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), &(0x7f0000000180), 0x2, 0x1) 09:27:48 executing program 7: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_io_uring_complete(0x0) sendfile(r1, r2, 0x0, 0x80000) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000) tee(0xffffffffffffffff, r3, 0x6, 0x7) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x12) lsetxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100)=@v2={0x3, 0x0, 0xc, 0x7ff, 0x9a, "a5d75c8ce278b190a998851ef7bf519ffb8f58bfbcc00df6ad5177f0c51bfec83a9893ee35ef19a2b0795873ff24a8cd5e4fcce973d9db5bd1a1b72ae21ddeb1ae4e282248ace461df5d82009fbab61ec06c2a992a890db6d5761b9504bf0cc7f25181e5783d5db42712aa1db997d9f963837e5e8235b5b6645510f3a0f1843d5067c18f447bd07ed7a818bfd17f5da410187afae14b0ee3717e"}, 0xa3, 0x1) sendfile(r0, r5, 0x0, 0x68e146a1) [ 2496.085752] No source specified [ 2496.090475] loop2: detected capacity change from 0 to 288 [ 2496.109188] loop0: detected capacity change from 0 to 256 [ 2496.119099] FAULT_INJECTION: forcing a failure. [ 2496.119099] name failslab, interval 1, probability 0, space 0, times 0 [ 2496.121690] CPU: 1 UID: 0 PID: 15373 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2496.121711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2496.121724] Call Trace: [ 2496.121733] [ 2496.121743] dump_stack_lvl+0xfa/0x120 [ 2496.121767] should_fail_ex+0x4d7/0x5e0 [ 2496.121798] should_failslab+0xc2/0x120 [ 2496.121822] __kmalloc_cache_noprof+0x73/0x470 [ 2496.121842] ? __might_fault+0xe0/0x190 [ 2496.121858] ? alloc_pipe_info+0x10d/0x5a0 [ 2496.121884] ? perf_trace_lock_acquire+0xc9/0x700 09:27:48 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010", 0x4c, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x800) setfsuid(r1) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000380)='./file1\x00', 0x1a, 0x5, &(0x7f0000001700)=[{&(0x7f00000003c0)="5906bb241d8234ddad09b635cd392019bcce98f110675a69ba22d3021b92d7528f84ba51aa8ca515dd171fc26290cc9530a13aa18ecf1dacdf5e08425c84eb24a592b39a09d77464d9851d7efeee761a6c298a3f87453fccd79fc203134c5cab8084b3a8d00b1931cc89b5f60bf1a0b678c65fb6a55e46b2b8103740ec630143d5f7ded761339d3e1341c7d19d347dc565af2158291f4b6ebcb8a8dbd1c3ba6f77c59cfcf1b9c978330fc26f8cf20f47fa040d4cac1fce020466c2bcd0852a82a93a5bc326a15ad61548a7b11fb1de3d444d7946fe7e05a6c430c72a976898747cb77122cff217f3ede70272a4767f640fb055d75c5de0894a2291c85b726a627b963eaca3b87ec928bca0c6bf68c9bd41be8081fba14dda3bc2167ba721af2816984018c4f7dfc90845e93290a4d67c8dc59e614f66fea0a95165228c447897bbc933a65a39046046e37f2906ce6f94d3b6e8ab2f68a80fc13fc484af8724ba9e129896731b77201e62d0d48f575947e6aaecf41ef7d355d048a79f97242305569964470ec3350a7c5c6b1f38aeb0728cbeb1c6e31945f18ffd7d35284941d9505b84cc9700be96bbcceb9dbbcdd2f2bdbc815e636b27c4bf619444371a97ea49b56a03e795dc3ccdcfcfa525e8e6778308188afd47f2d9ba697d332892be9d468d1522a37d8ac7a21d284c9b809dafeae28460a9287e83f741595f441acc19d9cf638e2c63d57e2c43eb08883534c3f8188f99c908ce757dd4feaf5322d18eb0173f614d8a9f79bf41ffce6e3aa16f4710db9120195f241899a571cf9c2af6f239a385de668037b0bbe856210fb9664620b9ccabf137aaa2d2e4f556b461c89b8fdb062e64455618787591becfa0e0883704a9fdce853143f264eb6766aae9cba1fc9680c40db06def0a093063ba54a6913af3172b6f1469849ec7a323d356043f58ba9e577e1f76ad7b7b239e63ad03db9a0c12d7cc96357ed0fee917785376716552697d9cf44e74579f36d7d10fb1a86c10612d48954d0510bb08272bbb6f61e079bd9a85061b813b1a67a557244c67e63f42eeec46804af8fa1056ef147586df751a72a1b192bab0e5525462c71de71b10aefb66dae4ef00bb8db2b7defd53dbb63b24dee4be24851d60325f16db295e3de0533063a9866c963707ae1e27b933aa84370c4c0b1b0b49e84e0139a74710ffe2beefcb5a428343c98b7134fd84cc5d852abb5f674399a35e2072a3871b11d7a77c3e81182ff31cb36df8b778c850c9a0dd978d762d25f4903ee238af69024cfc7f64b602d312974da9fa751dd937942d1c8cb6f7e9aea59612b7a60cedeb88234667405f3b322b03475802c09c710d2789f8ebf806535f56435e5ffe636584493dd36d3cf514efc459dd28a815f07ad39638c5f1b825496ab899b77a2027c493038b150398b66364a97fa77fd1337e3f0184a8136be8b3c8e348add0f7e443e14237601326fee700e93fab7c88ea03a58a3833aab49426a3732a3be716ded8fd2dfd994e3b57adaf1fcfa6a4f14b01bb6a1ad280d2d30817d4b79800ab1addd303bb038d657a5063b468db090ad63d62b83d1b0f454a0c79fd4f694d8d1d9665549f383365f2edc630ae22bbc67d5e6147f5fdc217fe615654dc3fc7545a71e20001b0261b9ff490ba34d47153efe0b27db61572ea2933a707104195d6a6e38664c62e89dcde0459f7db5236e8f419ec689d7fb8d4ccf0faa327e139c5456fdcadba3bde5cf2bac6012d2a00fafae54856ee405c47ff45527ead83b9e20807a643aba14a9080c96c3d0e9ef7d2dbc61c122202c27f14da01c757828319dd45550c97ba26e369d1cb4036be1e35494ec07e3685d46bc634bfd2f8f053e8984b31ee1f8639bb709c4dcf2f999dc78f9b738233191b8955bf5306431c0d8a308ef0a8b19a1d79cce35e07e92c1fe020345075b44dbe3e4bcda4c57b86c2251a8439c893210b0f00d7be31db4cbd284358ba44385d5db982531f25478a4c19045db292aa9e842fae3568057303f9faffdea9ee4d0dcb3265874391f4db1c8252d19fa1481057f62ef2bf183b0dc562332b0d42c42d71227f3c25cc9b636e47bf9c952aeab5aeabf1805ef35ba0a9898ee64d733a3168035082f9a839dd940246f765ad0df0136edf4dee4df4ca5df177352432faa38af83516db24e41b8ce25bfe0d8352813ef5aa17215ac9181ff52705cf4df88fc17a43c0152aa0352283b9938c93eb737be95a8b8d9dfba10643636ce269b3113f5f04db55e686a9b9c58c239eff9737b1d2ecba68d2aec2ed4009708f7450c405052d95c6a6b4ba230423027687d5c773bc264cb6e471f70fac28c00f72fc3dd69f35a44be86cc2629c014186b8dd8698b4663273efcbeb7b981bc0c8cc652b715737c50a1f9e73ae13d7d3e164f2db734682c93bac6cfde6f3c0b48adcbd5756a102a7f00e82889be3f9987fad7bf892640f466cd3ef5629eba621e38b28adccad0d47d53a3322f404fa70e64e24604d07f8e13d2d7dab3083e3f8741cc27fdb3da18654fe8e8aa004d5fe9aea61838068fd8f0eb7771b0480fc4767aa030b550be6a4bb493b03dd646503b28989d6ecb33409c24254a02f1c6902e97ad347bb7b2ead0a3a20b4840f4b09af8e0bfea2c028711964857e7c958ba935c0015ab6c6acee81bf5532dcca865e7c262f76a86fd7f8d6fd65d3ef6c53e380ac0caa3339f1e51eafd5c5e0a7f85aaf2ff936f9473b82737b810a8af23774c3bad1f80fee73b939b60cd976ac260b68796783a53e3b95ccf34cbe53cf47274896b1b019be13278fb6332e230177fa7d1dfec8675679c0d8cc5b40b1df3bb4ddb80ad8b115b72f6bb35e3b6f2e4858b38e2aacdc7ae2764d483d2c1df4e2a35f335cef93b28e3c7231099a2e8255839abd2c1a750a30619f900c54ecd330e2415e18d2a600a5225ca91ae563c31c9272515fb2b6468b449816eae58c6b4ab277ecbbf1da3d352eb2fc1fe9a37613ceaff76ae7b69ac91cfafe057ea6fc45703ba93295f6d8d60395fe7f1161d894982d87423f5060ddce484bd8742703d055ac74b6f0f1eb30ec2276328756a9ffdf776b1f88938dc47f821950db084314dbc362403895fd239169f9243bcf1715d5735bf183cafca8dc8ce779f91a7f1cb580b83e6d89d2d3013c81ad6fc377d1beaf1d5e246d3f0aca0b00ae42db4cc1876c7a5bd5679cfac5a9458ebedcb220c16dbb3ea38d18472b1f379fdad38aee112519b99b041340ec96ecbcec40f5c7c407520ed035157bcae9df2fef8dee37df60581582bc78b1206f2219a837e66cb090bc56ab37b64612f64bff44d00ae5ff1d9aff2b5fc48e607ecb38dfe987dc30019b4d08f9d31e735b2fa74f6d876f88ea7277462458211e1b8988a5837bfadf5b9c2db2fef368e5bb0c1984915d1ffc423193974b36059818844eb5d88c0782df354ba3a325f5f32e771662a4c0ace9594ab3da04c23acebaa3ced4ea544cc369ce60e3f8bd6e3cf5ef78a1d15bc14b9675b6a84977ea2a9ce11a56c4a0de99dcaf2fe6dd60cba9fea2549ddc165a516bbcc7915e5f252979e0c58eead3a671b665b0541da31f6d402b4f19b01327e47c3fb44e9201d280e12b111686fa96578a8d9c5fd93fa80ce0e2aa10bb881d105bb803288e493c0a811c0d52f105e8b4fd5f217dd935388aedca62cb87739b4a689b9408c0efe5b2c654876f721963998d4847dba6423adca9bcf756d3cc2b3c645e8be0bb880f91a465c9d6d1c20a0a46178ced5055b9c1ae28dd7579b35e3b3d736fd3b2a416c48ed5f17d47aef0924da1e349ded67a9dae0269db21233e7e6e9a2725e0d953a7ef4d61b9d8b78f5be1c4326975cddf35cdbf2274d02fc4886d9c6457bbcfc1043b7500d97965f3eed3d8b50709274533757455415994f68a0d93a020d20d4cee1f312aaa47dcf6d1bd8a445b1f23dfa843cabcced1feae69d4f79e45524034896765661f30c6e99b406ec27f4b3add5e685b242b96a3af160fc8fa2531ad41e58d8e516d878d46cc2db9dd71679913480b2f5fe99eb28c552e58358819d4fae2cf7b883e7da8350805a73e2220081a05ea662e5bfa612a88b247e34ceee62ed1c865a9384c9b91328e732ec1f63753f870d45556c508a26b625b9a4865027628e3c8d0145be563eef8941fa789f8b70c108e1ac2872dae0e2d4dcd430e6c37f969e7e15363fd54401abca321f8ff4cafd7979dce4048407acd580a56c197ebfabe5564a5f0cb0f1f249b4e634b24b47c1054f992379961361f6670003d0fc05db8c4292ece6116d6c058364446c7007b663593ce6bf3c54f1c7065481d59f1994c129ea7231ec2183835da9603c17d2979df07377af1118010f7160cf636647a3f82b2e9cc743c8cc53eafd786fd564087e12b2d84e2dfb189f54b3bd08dc38c29d1be4abc442443bbdfad522c39413b0d1f953952a58db147baf6d023f288fb30fb7cb55590b8b5164fa6bd8c97f30fb3737565c069abeceb919bbd0a3342d4157e27465caebd9fca83d8747d9e8c63f345935888f72fcb898d9de0966faa7d6197fd8ddceac63c56742873854949e0b6613eb51f8e39b89ea59d5ea90890f114a16d6e914b52869159455bac7b589a229ccadd594e074c93946e010761e8435202d24141272bafd803b04ed7b8ac6f6022a04a510ddf8570e77e161e9a6ef0c9c7ef6c86fa4ea6144edadb16fc8fbe586f876fd6e7a630b49d8c9666c4c5b89f79b8809d6de0e459c6fe20343c6adaee94c40b7dc3ff4a1f665f81e5d2eb7671b18c72097ab39c3ccd506a5eaf360656e59f8f496baef83a5925ff9361c3a9a0743ec5ff3c40ce1f0a39410b0150f1575526135904a6c77d1075d86acd7d809d05e1fcf20636d9a6c90203561d7b4d037567c5f9e803ecf8ff0cf24878805cde7c841100bd003573c8afbde8b07494e490f2f8ee077379843ac1175ab41a11465f998a51b0c1c82bcc669395fd0001c66af7327733b6b4e22ca2ab5d22a33c62f2b126c3bc3dffe1b23bf8f9be6df9d26dc5596eef3659fca546bebb0eb2165742750348a54dfa42140876166b4a4687669530b4c6741bff1fa59b7201f64e14bd15773be507cbcb0300d7ba1b41d60d980cf01afea3004bc9c73b2ff49a229f18c3926d9499c0a355aaa548e64e51ac0580f866cfcad00da1166dc450498218f58cc2ad0b84e72d14f028c1108b3c88a7acb8b711bc51c535173077707b9073093ef38895916c062ce8fbd5c10e0462c93365ded2b8bfcef205d3901aa9a51ec2bf240a1d2bbfcca652392c89b38e7c73b5d7b68e6e47ef6999d3b071aca49061454788a6bc89c82bf74daf4dc3cd85bbc459f4fc9cad59c68970c6d8d1167fedb054e035d38138baa02049ea859782f64a391df388c68c7e92d167a43ccf90d0faa144342b8dcd2419cb0804ef687795f89492825deb9fdf73b27ea75c5fe7f5d5277b064d0675447a5117cb9b19eade9b6ec542329b5f3a040738a25e94d9dfd94d1846ae7c04fb179ef4dc63fb443f63149f4c1a0aa7216cc83fb7d617199b7106f2b476df1fe77c2c69540fa1f29f6563aa543c3884b9aa56ed87c82ab64128492698f61517c3564b6de14a6a253815bcb687e0b0d265aececec13780b6ef3b3de0926ef48d1e5c6383c620008abe510890b9156619f1a6e59aef335403ba39b513f65c8d5229aaa4d4016203f9b7749e4c2e6e3a9a3d03611a2cce61d366b8b75f2ad543765cc9e08e4225d58ce7b3a9", 0x1000, 0x100}, {&(0x7f00000013c0)="ca46641306074bf61d28fb8f3c3c7b82dc39205f83c8e8a8b8aeafc78f3c7380221535c710204945534a89b7067209b07fa823c9df284d5b31bb2f3217efd873ba07fe0c9b055e2b0241144e9b32fdc6a69c30019e39483d4e9faa214abad3ada6f2ba3db942abb9ed475c1eb098823389fd5e7eafcc25cd67d075ffc483ef2e60a2235f0717a049b21f073b859165712e5dd5c2c2324248", 0x98, 0xb2c3}, {&(0x7f0000001480)="82e8ca82504f4884057d0bf6b41c13e48536e7a20cab637c96a48c21b4cc4939f61781ff1414a1427a091967f5252bbcfcaf73f1c7d04722c3695a22155091d60d38aafc34dd9b75678338d9232930302a06cc978918eaa4357b2f5afa38e744974b0bbdc668a3ee72d37ed9724c58c2d8c9debeda65651864280fecec2e80c981a5cb508f654276dabedcebc143f09bf18c691446e200a34f417739e181962810793308822eb3f4e9d33739c2f95289f457d52351b4c9ce92e16d99a203752d01fb3f7d7d68db6dcf3b16c2d79d0e6950364ed42e17d8e63b9263172990e8e45353d6472c1a6d46ba", 0xe9, 0xd0}, {&(0x7f0000001580)="76dde27c4e7f41408cca08d0c236b49c104a89f6469d3df77ef361a3034829e5fc6acf6b59efa672454aad8b342c80f63dda57838b826313d0f675c46e3cd95b7b2b53504d25fc256006eebe4fe1fe24f9998abde65fe519b4c7035fbab60e23f46184158e6ddb1551069b5ba9e7206543ad29f80c77c292dfb3211b387202e9549b77dbcebddf18b918c9a5a15b7d127ef2b437f3b8410fcde3ee4e327a81f644187ffe9fdcb4de20f7178fa4c301a943c93f1c2576001921057c0656220fc3226feda4fb343997bbd003095d6690fca3cb417aaf580acf5cef75dc23d5b0c9e3e8352b18a3fc0bae96e4edd3d679707f932878a090edae9b13", 0xfa, 0x1ff}, {&(0x7f0000001680)="e849a05eaa528a55c2c786280759a1e024909c1a733d5370a401c3d5eee54d9928a168e8f7ca2b9a535d41026c91b65817c878a03ef479d4abe9b2db4c1c0a4128f88a47e702fe5718e7cd43f0fbc4de735889ab8d8ad1354c9312a43067416423ffc63ee59ff4cf08493c9ed9a645b0cc9993ebe60c0623ae", 0x79, 0x4}], 0x220011, &(0x7f0000001780)={[{@shortname_winnt}, {@utf8no}, {@uni_xlateno}, {@fat=@flush}, {@shortname_lower}, {@shortname_lower}, {@rodir}, {@rodir}, {@shortname_winnt}], [{@audit}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@fsname}, {@fsname={'fsname', 0x3d, 'vfat\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@euid_lt={'euid<', r1}}]}) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)=""/225) setxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), &(0x7f0000000180), 0x2, 0x1) [ 2496.121908] ? alloc_pipe_info+0x10d/0x5a0 [ 2496.121930] alloc_pipe_info+0x10d/0x5a0 [ 2496.121958] splice_direct_to_actor+0x78c/0x9d0 [ 2496.121980] ? __pfx_direct_splice_actor+0x10/0x10 [ 2496.121998] ? lock_acquire+0x62/0x2f0 [ 2496.122017] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2496.122036] ? lock_acquire+0x15e/0x2f0 [ 2496.122055] do_splice_direct+0x179/0x250 [ 2496.122072] ? __pfx_do_splice_direct+0x10/0x10 [ 2496.122090] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2496.122110] ? security_file_permission+0x22/0x90 [ 2496.122131] do_sendfile+0xa8e/0xdc0 [ 2496.122158] ? __pfx_do_sendfile+0x10/0x10 [ 2496.122177] ? __fget_files+0x20d/0x3b0 [ 2496.122207] __x64_sys_sendfile64+0x1d3/0x210 [ 2496.122222] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2496.122246] do_syscall_64+0xbf/0x360 [ 2496.122264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2496.122280] RIP: 0033:0x7f1a763a9b19 [ 2496.122291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2496.122305] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2496.122319] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2496.122329] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2496.122338] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2496.122347] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2496.122355] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2496.122379] [ 2496.123836] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2496.155594] FAULT_INJECTION: forcing a failure. [ 2496.155594] name failslab, interval 1, probability 0, space 0, times 0 [ 2496.161483] CPU: 1 UID: 0 PID: 15374 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2496.161503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2496.161511] Call Trace: [ 2496.161516] [ 2496.161522] dump_stack_lvl+0xfa/0x120 [ 2496.161543] should_fail_ex+0x4d7/0x5e0 [ 2496.161571] should_failslab+0xc2/0x120 [ 2496.161594] __kmalloc_cache_noprof+0x73/0x470 [ 2496.161614] ? __might_fault+0xe0/0x190 [ 2496.161629] ? alloc_pipe_info+0x10d/0x5a0 [ 2496.161650] ? perf_trace_lock_acquire+0xc9/0x700 [ 2496.161671] ? alloc_pipe_info+0x10d/0x5a0 [ 2496.161693] alloc_pipe_info+0x10d/0x5a0 [ 2496.161718] splice_direct_to_actor+0x78c/0x9d0 [ 2496.161737] ? __pfx_direct_splice_actor+0x10/0x10 [ 2496.161755] ? lock_acquire+0x62/0x2f0 [ 2496.161773] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2496.161792] ? lock_acquire+0x15e/0x2f0 [ 2496.161811] do_splice_direct+0x179/0x250 [ 2496.161828] ? __pfx_do_splice_direct+0x10/0x10 [ 2496.161845] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2496.161865] ? security_file_permission+0x22/0x90 [ 2496.161891] do_sendfile+0xa8e/0xdc0 [ 2496.161917] ? __pfx_do_sendfile+0x10/0x10 [ 2496.161937] ? __fget_files+0x20d/0x3b0 [ 2496.161964] __x64_sys_sendfile64+0x1d3/0x210 [ 2496.161980] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2496.162002] do_syscall_64+0xbf/0x360 [ 2496.162020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2496.162036] RIP: 0033:0x7f85c6477b19 [ 2496.162047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2496.162062] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2496.162076] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2496.162086] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2496.162095] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2496.162103] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2496.162112] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2496.162135] [ 2496.182268] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:27:48 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:48 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 2) [ 2496.297781] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:27:48 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 2) 09:27:48 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:48 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2496.362711] No source specified 09:27:48 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:48 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010", 0x4c, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x800) setfsuid(r1) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000380)='./file1\x00', 0x1a, 0x5, &(0x7f0000001700)=[{&(0x7f00000003c0)="5906bb241d8234ddad09b635cd392019bcce98f110675a69ba22d3021b92d7528f84ba51aa8ca515dd171fc26290cc9530a13aa18ecf1dacdf5e08425c84eb24a592b39a09d77464d9851d7efeee761a6c298a3f87453fccd79fc203134c5cab8084b3a8d00b1931cc89b5f60bf1a0b678c65fb6a55e46b2b8103740ec630143d5f7ded761339d3e1341c7d19d347dc565af2158291f4b6ebcb8a8dbd1c3ba6f77c59cfcf1b9c978330fc26f8cf20f47fa040d4cac1fce020466c2bcd0852a82a93a5bc326a15ad61548a7b11fb1de3d444d7946fe7e05a6c430c72a976898747cb77122cff217f3ede70272a4767f640fb055d75c5de0894a2291c85b726a627b963eaca3b87ec928bca0c6bf68c9bd41be8081fba14dda3bc2167ba721af2816984018c4f7dfc90845e93290a4d67c8dc59e614f66fea0a95165228c447897bbc933a65a39046046e37f2906ce6f94d3b6e8ab2f68a80fc13fc484af8724ba9e129896731b77201e62d0d48f575947e6aaecf41ef7d355d048a79f97242305569964470ec3350a7c5c6b1f38aeb0728cbeb1c6e31945f18ffd7d35284941d9505b84cc9700be96bbcceb9dbbcdd2f2bdbc815e636b27c4bf619444371a97ea49b56a03e795dc3ccdcfcfa525e8e6778308188afd47f2d9ba697d332892be9d468d1522a37d8ac7a21d284c9b809dafeae28460a9287e83f741595f441acc19d9cf638e2c63d57e2c43eb08883534c3f8188f99c908ce757dd4feaf5322d18eb0173f614d8a9f79bf41ffce6e3aa16f4710db9120195f241899a571cf9c2af6f239a385de668037b0bbe856210fb9664620b9ccabf137aaa2d2e4f556b461c89b8fdb062e64455618787591becfa0e0883704a9fdce853143f264eb6766aae9cba1fc9680c40db06def0a093063ba54a6913af3172b6f1469849ec7a323d356043f58ba9e577e1f76ad7b7b239e63ad03db9a0c12d7cc96357ed0fee917785376716552697d9cf44e74579f36d7d10fb1a86c10612d48954d0510bb08272bbb6f61e079bd9a85061b813b1a67a557244c67e63f42eeec46804af8fa1056ef147586df751a72a1b192bab0e5525462c71de71b10aefb66dae4ef00bb8db2b7defd53dbb63b24dee4be24851d60325f16db295e3de0533063a9866c963707ae1e27b933aa84370c4c0b1b0b49e84e0139a74710ffe2beefcb5a428343c98b7134fd84cc5d852abb5f674399a35e2072a3871b11d7a77c3e81182ff31cb36df8b778c850c9a0dd978d762d25f4903ee238af69024cfc7f64b602d312974da9fa751dd937942d1c8cb6f7e9aea59612b7a60cedeb88234667405f3b322b03475802c09c710d2789f8ebf806535f56435e5ffe636584493dd36d3cf514efc459dd28a815f07ad39638c5f1b825496ab899b77a2027c493038b150398b66364a97fa77fd1337e3f0184a8136be8b3c8e348add0f7e443e14237601326fee700e93fab7c88ea03a58a3833aab49426a3732a3be716ded8fd2dfd994e3b57adaf1fcfa6a4f14b01bb6a1ad280d2d30817d4b79800ab1addd303bb038d657a5063b468db090ad63d62b83d1b0f454a0c79fd4f694d8d1d9665549f383365f2edc630ae22bbc67d5e6147f5fdc217fe615654dc3fc7545a71e20001b0261b9ff490ba34d47153efe0b27db61572ea2933a707104195d6a6e38664c62e89dcde0459f7db5236e8f419ec689d7fb8d4ccf0faa327e139c5456fdcadba3bde5cf2bac6012d2a00fafae54856ee405c47ff45527ead83b9e20807a643aba14a9080c96c3d0e9ef7d2dbc61c122202c27f14da01c757828319dd45550c97ba26e369d1cb4036be1e35494ec07e3685d46bc634bfd2f8f053e8984b31ee1f8639bb709c4dcf2f999dc78f9b738233191b8955bf5306431c0d8a308ef0a8b19a1d79cce35e07e92c1fe020345075b44dbe3e4bcda4c57b86c2251a8439c893210b0f00d7be31db4cbd284358ba44385d5db982531f25478a4c19045db292aa9e842fae3568057303f9faffdea9ee4d0dcb3265874391f4db1c8252d19fa1481057f62ef2bf183b0dc562332b0d42c42d71227f3c25cc9b636e47bf9c952aeab5aeabf1805ef35ba0a9898ee64d733a3168035082f9a839dd940246f765ad0df0136edf4dee4df4ca5df177352432faa38af83516db24e41b8ce25bfe0d8352813ef5aa17215ac9181ff52705cf4df88fc17a43c0152aa0352283b9938c93eb737be95a8b8d9dfba10643636ce269b3113f5f04db55e686a9b9c58c239eff9737b1d2ecba68d2aec2ed4009708f7450c405052d95c6a6b4ba230423027687d5c773bc264cb6e471f70fac28c00f72fc3dd69f35a44be86cc2629c014186b8dd8698b4663273efcbeb7b981bc0c8cc652b715737c50a1f9e73ae13d7d3e164f2db734682c93bac6cfde6f3c0b48adcbd5756a102a7f00e82889be3f9987fad7bf892640f466cd3ef5629eba621e38b28adccad0d47d53a3322f404fa70e64e24604d07f8e13d2d7dab3083e3f8741cc27fdb3da18654fe8e8aa004d5fe9aea61838068fd8f0eb7771b0480fc4767aa030b550be6a4bb493b03dd646503b28989d6ecb33409c24254a02f1c6902e97ad347bb7b2ead0a3a20b4840f4b09af8e0bfea2c028711964857e7c958ba935c0015ab6c6acee81bf5532dcca865e7c262f76a86fd7f8d6fd65d3ef6c53e380ac0caa3339f1e51eafd5c5e0a7f85aaf2ff936f9473b82737b810a8af23774c3bad1f80fee73b939b60cd976ac260b68796783a53e3b95ccf34cbe53cf47274896b1b019be13278fb6332e230177fa7d1dfec8675679c0d8cc5b40b1df3bb4ddb80ad8b115b72f6bb35e3b6f2e4858b38e2aacdc7ae2764d483d2c1df4e2a35f335cef93b28e3c7231099a2e8255839abd2c1a750a30619f900c54ecd330e2415e18d2a600a5225ca91ae563c31c9272515fb2b6468b449816eae58c6b4ab277ecbbf1da3d352eb2fc1fe9a37613ceaff76ae7b69ac91cfafe057ea6fc45703ba93295f6d8d60395fe7f1161d894982d87423f5060ddce484bd8742703d055ac74b6f0f1eb30ec2276328756a9ffdf776b1f88938dc47f821950db084314dbc362403895fd239169f9243bcf1715d5735bf183cafca8dc8ce779f91a7f1cb580b83e6d89d2d3013c81ad6fc377d1beaf1d5e246d3f0aca0b00ae42db4cc1876c7a5bd5679cfac5a9458ebedcb220c16dbb3ea38d18472b1f379fdad38aee112519b99b041340ec96ecbcec40f5c7c407520ed035157bcae9df2fef8dee37df60581582bc78b1206f2219a837e66cb090bc56ab37b64612f64bff44d00ae5ff1d9aff2b5fc48e607ecb38dfe987dc30019b4d08f9d31e735b2fa74f6d876f88ea7277462458211e1b8988a5837bfadf5b9c2db2fef368e5bb0c1984915d1ffc423193974b36059818844eb5d88c0782df354ba3a325f5f32e771662a4c0ace9594ab3da04c23acebaa3ced4ea544cc369ce60e3f8bd6e3cf5ef78a1d15bc14b9675b6a84977ea2a9ce11a56c4a0de99dcaf2fe6dd60cba9fea2549ddc165a516bbcc7915e5f252979e0c58eead3a671b665b0541da31f6d402b4f19b01327e47c3fb44e9201d280e12b111686fa96578a8d9c5fd93fa80ce0e2aa10bb881d105bb803288e493c0a811c0d52f105e8b4fd5f217dd935388aedca62cb87739b4a689b9408c0efe5b2c654876f721963998d4847dba6423adca9bcf756d3cc2b3c645e8be0bb880f91a465c9d6d1c20a0a46178ced5055b9c1ae28dd7579b35e3b3d736fd3b2a416c48ed5f17d47aef0924da1e349ded67a9dae0269db21233e7e6e9a2725e0d953a7ef4d61b9d8b78f5be1c4326975cddf35cdbf2274d02fc4886d9c6457bbcfc1043b7500d97965f3eed3d8b50709274533757455415994f68a0d93a020d20d4cee1f312aaa47dcf6d1bd8a445b1f23dfa843cabcced1feae69d4f79e45524034896765661f30c6e99b406ec27f4b3add5e685b242b96a3af160fc8fa2531ad41e58d8e516d878d46cc2db9dd71679913480b2f5fe99eb28c552e58358819d4fae2cf7b883e7da8350805a73e2220081a05ea662e5bfa612a88b247e34ceee62ed1c865a9384c9b91328e732ec1f63753f870d45556c508a26b625b9a4865027628e3c8d0145be563eef8941fa789f8b70c108e1ac2872dae0e2d4dcd430e6c37f969e7e15363fd54401abca321f8ff4cafd7979dce4048407acd580a56c197ebfabe5564a5f0cb0f1f249b4e634b24b47c1054f992379961361f6670003d0fc05db8c4292ece6116d6c058364446c7007b663593ce6bf3c54f1c7065481d59f1994c129ea7231ec2183835da9603c17d2979df07377af1118010f7160cf636647a3f82b2e9cc743c8cc53eafd786fd564087e12b2d84e2dfb189f54b3bd08dc38c29d1be4abc442443bbdfad522c39413b0d1f953952a58db147baf6d023f288fb30fb7cb55590b8b5164fa6bd8c97f30fb3737565c069abeceb919bbd0a3342d4157e27465caebd9fca83d8747d9e8c63f345935888f72fcb898d9de0966faa7d6197fd8ddceac63c56742873854949e0b6613eb51f8e39b89ea59d5ea90890f114a16d6e914b52869159455bac7b589a229ccadd594e074c93946e010761e8435202d24141272bafd803b04ed7b8ac6f6022a04a510ddf8570e77e161e9a6ef0c9c7ef6c86fa4ea6144edadb16fc8fbe586f876fd6e7a630b49d8c9666c4c5b89f79b8809d6de0e459c6fe20343c6adaee94c40b7dc3ff4a1f665f81e5d2eb7671b18c72097ab39c3ccd506a5eaf360656e59f8f496baef83a5925ff9361c3a9a0743ec5ff3c40ce1f0a39410b0150f1575526135904a6c77d1075d86acd7d809d05e1fcf20636d9a6c90203561d7b4d037567c5f9e803ecf8ff0cf24878805cde7c841100bd003573c8afbde8b07494e490f2f8ee077379843ac1175ab41a11465f998a51b0c1c82bcc669395fd0001c66af7327733b6b4e22ca2ab5d22a33c62f2b126c3bc3dffe1b23bf8f9be6df9d26dc5596eef3659fca546bebb0eb2165742750348a54dfa42140876166b4a4687669530b4c6741bff1fa59b7201f64e14bd15773be507cbcb0300d7ba1b41d60d980cf01afea3004bc9c73b2ff49a229f18c3926d9499c0a355aaa548e64e51ac0580f866cfcad00da1166dc450498218f58cc2ad0b84e72d14f028c1108b3c88a7acb8b711bc51c535173077707b9073093ef38895916c062ce8fbd5c10e0462c93365ded2b8bfcef205d3901aa9a51ec2bf240a1d2bbfcca652392c89b38e7c73b5d7b68e6e47ef6999d3b071aca49061454788a6bc89c82bf74daf4dc3cd85bbc459f4fc9cad59c68970c6d8d1167fedb054e035d38138baa02049ea859782f64a391df388c68c7e92d167a43ccf90d0faa144342b8dcd2419cb0804ef687795f89492825deb9fdf73b27ea75c5fe7f5d5277b064d0675447a5117cb9b19eade9b6ec542329b5f3a040738a25e94d9dfd94d1846ae7c04fb179ef4dc63fb443f63149f4c1a0aa7216cc83fb7d617199b7106f2b476df1fe77c2c69540fa1f29f6563aa543c3884b9aa56ed87c82ab64128492698f61517c3564b6de14a6a253815bcb687e0b0d265aececec13780b6ef3b3de0926ef48d1e5c6383c620008abe510890b9156619f1a6e59aef335403ba39b513f65c8d5229aaa4d4016203f9b7749e4c2e6e3a9a3d03611a2cce61d366b8b75f2ad543765cc9e08e4225d58ce7b3a9", 0x1000, 0x100}, {&(0x7f00000013c0)="ca46641306074bf61d28fb8f3c3c7b82dc39205f83c8e8a8b8aeafc78f3c7380221535c710204945534a89b7067209b07fa823c9df284d5b31bb2f3217efd873ba07fe0c9b055e2b0241144e9b32fdc6a69c30019e39483d4e9faa214abad3ada6f2ba3db942abb9ed475c1eb098823389fd5e7eafcc25cd67d075ffc483ef2e60a2235f0717a049b21f073b859165712e5dd5c2c2324248", 0x98, 0xb2c3}, {&(0x7f0000001480)="82e8ca82504f4884057d0bf6b41c13e48536e7a20cab637c96a48c21b4cc4939f61781ff1414a1427a091967f5252bbcfcaf73f1c7d04722c3695a22155091d60d38aafc34dd9b75678338d9232930302a06cc978918eaa4357b2f5afa38e744974b0bbdc668a3ee72d37ed9724c58c2d8c9debeda65651864280fecec2e80c981a5cb508f654276dabedcebc143f09bf18c691446e200a34f417739e181962810793308822eb3f4e9d33739c2f95289f457d52351b4c9ce92e16d99a203752d01fb3f7d7d68db6dcf3b16c2d79d0e6950364ed42e17d8e63b9263172990e8e45353d6472c1a6d46ba", 0xe9, 0xd0}, {&(0x7f0000001580)="76dde27c4e7f41408cca08d0c236b49c104a89f6469d3df77ef361a3034829e5fc6acf6b59efa672454aad8b342c80f63dda57838b826313d0f675c46e3cd95b7b2b53504d25fc256006eebe4fe1fe24f9998abde65fe519b4c7035fbab60e23f46184158e6ddb1551069b5ba9e7206543ad29f80c77c292dfb3211b387202e9549b77dbcebddf18b918c9a5a15b7d127ef2b437f3b8410fcde3ee4e327a81f644187ffe9fdcb4de20f7178fa4c301a943c93f1c2576001921057c0656220fc3226feda4fb343997bbd003095d6690fca3cb417aaf580acf5cef75dc23d5b0c9e3e8352b18a3fc0bae96e4edd3d679707f932878a090edae9b13", 0xfa, 0x1ff}, {&(0x7f0000001680)="e849a05eaa528a55c2c786280759a1e024909c1a733d5370a401c3d5eee54d9928a168e8f7ca2b9a535d41026c91b65817c878a03ef479d4abe9b2db4c1c0a4128f88a47e702fe5718e7cd43f0fbc4de735889ab8d8ad1354c9312a43067416423ffc63ee59ff4cf08493c9ed9a645b0cc9993ebe60c0623ae", 0x79, 0x4}], 0x220011, &(0x7f0000001780)={[{@shortname_winnt}, {@utf8no}, {@uni_xlateno}, {@fat=@flush}, {@shortname_lower}, {@shortname_lower}, {@rodir}, {@rodir}, {@shortname_winnt}], [{@audit}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@fsname}, {@fsname={'fsname', 0x3d, 'vfat\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@euid_lt={'euid<', r1}}]}) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)=""/225) setxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), &(0x7f0000000180), 0x2, 0x1) [ 2496.481365] loop2: detected capacity change from 0 to 288 09:27:48 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 1) [ 2496.521777] loop6: detected capacity change from 0 to 256 [ 2496.532933] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2496.543035] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:27:49 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:49 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 3) [ 2496.647154] syz-executor.0: attempt to access beyond end of device [ 2496.647154] loop0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2496.650808] FAT-fs (loop0): unable to read boot sector 09:27:49 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2496.678487] FAULT_INJECTION: forcing a failure. [ 2496.678487] name failslab, interval 1, probability 0, space 0, times 0 [ 2496.679367] CPU: 1 UID: 0 PID: 15403 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2496.679383] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2496.679394] Call Trace: [ 2496.679399] [ 2496.679404] dump_stack_lvl+0xfa/0x120 [ 2496.679424] should_fail_ex+0x4d7/0x5e0 [ 2496.679450] ? alloc_pipe_info+0x1e8/0x5a0 [ 2496.679469] should_failslab+0xc2/0x120 [ 2496.679490] __kmalloc_noprof+0xb4/0x4b0 [ 2496.679513] alloc_pipe_info+0x1e8/0x5a0 [ 2496.679534] splice_direct_to_actor+0x78c/0x9d0 [ 2496.679551] ? __pfx_direct_splice_actor+0x10/0x10 [ 2496.679570] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2496.679586] ? lock_acquire+0x15e/0x2f0 [ 2496.679604] do_splice_direct+0x179/0x250 [ 2496.679618] ? __pfx_do_splice_direct+0x10/0x10 [ 2496.679633] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2496.679650] ? security_file_permission+0x22/0x90 [ 2496.679668] do_sendfile+0xa8e/0xdc0 [ 2496.679689] ? __pfx_do_sendfile+0x10/0x10 [ 2496.679705] ? __pfx___schedule+0x10/0x10 [ 2496.679722] ? __fget_files+0x20d/0x3b0 [ 2496.679746] __x64_sys_sendfile64+0x1d3/0x210 [ 2496.679759] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2496.679779] do_syscall_64+0xbf/0x360 [ 2496.679794] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2496.679807] RIP: 0033:0x7f85c6477b19 [ 2496.679817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2496.679829] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2496.679841] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2496.679849] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2496.679857] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2496.679864] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2496.679872] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2496.679891] 09:27:49 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2496.714645] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:27:49 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) (fail_nth: 1) 09:27:49 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 3) [ 2496.721780] FAULT_INJECTION: forcing a failure. [ 2496.721780] name failslab, interval 1, probability 0, space 0, times 0 [ 2496.722661] CPU: 1 UID: 0 PID: 15404 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2496.722677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2496.722688] Call Trace: [ 2496.722693] [ 2496.722698] dump_stack_lvl+0xfa/0x120 [ 2496.722712] should_fail_ex+0x4d7/0x5e0 [ 2496.722735] should_failslab+0xc2/0x120 [ 2496.722753] __kmalloc_cache_noprof+0x73/0x470 [ 2496.722770] ? __might_fault+0xe0/0x190 [ 2496.722782] ? alloc_pipe_info+0x10d/0x5a0 [ 2496.722799] ? perf_trace_lock_acquire+0xc9/0x700 [ 2496.722817] ? alloc_pipe_info+0x10d/0x5a0 [ 2496.722835] alloc_pipe_info+0x10d/0x5a0 [ 2496.722856] splice_direct_to_actor+0x78c/0x9d0 [ 2496.722871] ? __pfx_direct_splice_actor+0x10/0x10 [ 2496.722890] ? lock_acquire+0x62/0x2f0 [ 2496.722905] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2496.722921] ? lock_acquire+0x15e/0x2f0 [ 2496.722937] do_splice_direct+0x179/0x250 [ 2496.722951] ? __pfx_do_splice_direct+0x10/0x10 [ 2496.722965] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2496.722982] ? security_file_permission+0x22/0x90 [ 2496.722998] do_sendfile+0xa8e/0xdc0 [ 2496.723019] ? __pfx_do_sendfile+0x10/0x10 [ 2496.723035] ? __fget_files+0x20d/0x3b0 [ 2496.723058] __x64_sys_sendfile64+0x1d3/0x210 [ 2496.723073] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2496.723094] do_syscall_64+0xbf/0x360 [ 2496.723109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2496.723121] RIP: 0033:0x7f7b6ab9db19 [ 2496.723130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2496.723141] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2496.723153] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2496.723161] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2496.723168] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2496.723175] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2496.723182] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2496.723202] [ 2496.816813] syz-executor.6: attempt to access beyond end of device [ 2496.816813] loop6: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2496.817826] FAT-fs (loop6): unable to read boot sector [ 2496.848051] syz-executor.0: attempt to access beyond end of device [ 2496.848051] loop0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2496.850130] FAULT_INJECTION: forcing a failure. [ 2496.850130] name failslab, interval 1, probability 0, space 0, times 0 [ 2496.850208] FAULT_INJECTION: forcing a failure. [ 2496.850208] name failslab, interval 1, probability 0, space 0, times 0 [ 2496.850988] CPU: 1 UID: 0 PID: 15412 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2496.851010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2496.851018] Call Trace: [ 2496.851024] [ 2496.851030] dump_stack_lvl+0xfa/0x120 [ 2496.851048] should_fail_ex+0x4d7/0x5e0 [ 2496.851073] ? alloc_pipe_info+0x1e8/0x5a0 [ 2496.851093] should_failslab+0xc2/0x120 [ 2496.851113] __kmalloc_noprof+0xb4/0x4b0 [ 2496.851135] alloc_pipe_info+0x1e8/0x5a0 [ 2496.851156] splice_direct_to_actor+0x78c/0x9d0 [ 2496.851173] ? __pfx_direct_splice_actor+0x10/0x10 [ 2496.851188] ? lock_acquire+0x62/0x2f0 [ 2496.851203] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2496.851220] ? lock_acquire+0x15e/0x2f0 [ 2496.851236] do_splice_direct+0x179/0x250 [ 2496.851250] ? __pfx_do_splice_direct+0x10/0x10 [ 2496.851265] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2496.851282] ? security_file_permission+0x22/0x90 [ 2496.851300] do_sendfile+0xa8e/0xdc0 [ 2496.851321] ? __pfx_do_sendfile+0x10/0x10 [ 2496.851337] ? __fget_files+0x20d/0x3b0 [ 2496.851361] __x64_sys_sendfile64+0x1d3/0x210 [ 2496.851375] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2496.851394] do_syscall_64+0xbf/0x360 [ 2496.851409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2496.851421] RIP: 0033:0x7f1a763a9b19 [ 2496.851430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2496.851442] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2496.851454] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2496.851463] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2496.851470] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2496.851478] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2496.851485] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2496.851504] [ 2496.856925] FAT-fs (loop0): unable to read boot sector [ 2496.885476] CPU: 0 UID: 0 PID: 15409 Comm: syz-executor.1 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2496.885512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2496.885527] Call Trace: [ 2496.885537] [ 2496.885547] dump_stack_lvl+0xfa/0x120 [ 2496.885583] should_fail_ex+0x4d7/0x5e0 [ 2496.885628] ? jbd2__journal_start+0x193/0x6b0 [ 2496.885654] should_failslab+0xc2/0x120 [ 2496.885694] kmem_cache_alloc_noprof+0x5f/0x470 [ 2496.885728] ? lock_is_held_type+0x9e/0x120 [ 2496.885762] jbd2__journal_start+0x193/0x6b0 [ 2496.885796] __ext4_journal_start_sb+0x325/0x5d0 [ 2496.885832] ? ext4_truncate+0x697/0x11a0 [ 2496.885876] ext4_truncate+0x697/0x11a0 [ 2496.885927] ? __pfx_ext4_truncate+0x10/0x10 [ 2496.885961] ? __pfx_unmap_mapping_range+0x10/0x10 [ 2496.886009] ext4_setattr+0x1afb/0x2660 [ 2496.886068] ? __pfx_ext4_setattr+0x10/0x10 [ 2496.886107] notify_change+0x677/0x1240 [ 2496.886152] ? do_truncate+0x1be/0x220 [ 2496.886186] do_truncate+0x1be/0x220 [ 2496.886222] ? __pfx_do_truncate+0x10/0x10 [ 2496.886277] ? lock_is_held_type+0x9e/0x120 [ 2496.886308] do_ftruncate+0x3b6/0x6f0 [ 2496.886351] do_sys_ftruncate+0x65/0xb0 [ 2496.886392] __x64_sys_ftruncate+0x59/0x80 [ 2496.886430] do_syscall_64+0xbf/0x360 [ 2496.886476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2496.886502] RIP: 0033:0x7f6e9ba9ab19 [ 2496.886522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2496.886546] RSP: 002b:00007f6e99010188 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 2496.886570] RAX: ffffffffffffffda RBX: 00007f6e9bbadf60 RCX: 00007f6e9ba9ab19 [ 2496.886587] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 2496.886601] RBP: 00007f6e990101d0 R08: 0000000000000000 R09: 0000000000000000 [ 2496.886616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2496.886631] R13: 00007ffecb3d630f R14: 00007f6e99010300 R15: 0000000000022000 [ 2496.886672] [ 2496.916323] EXT4-fs error (device sda) in ext4_setattr:5985: Out of memory 09:27:59 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) (fail_nth: 2) 09:27:59 executing program 7: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_io_uring_complete(0x0) sendfile(r1, r2, 0x0, 0x80000) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000) tee(0xffffffffffffffff, r3, 0x6, 0x7) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x12) lsetxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100)=@v2={0x3, 0x0, 0xc, 0x7ff, 0x9a, "a5d75c8ce278b190a998851ef7bf519ffb8f58bfbcc00df6ad5177f0c51bfec83a9893ee35ef19a2b0795873ff24a8cd5e4fcce973d9db5bd1a1b72ae21ddeb1ae4e282248ace461df5d82009fbab61ec06c2a992a890db6d5761b9504bf0cc7f25181e5783d5db42712aa1db997d9f963837e5e8235b5b6645510f3a0f1843d5067c18f447bd07ed7a818bfd17f5da410187afae14b0ee3717e"}, 0xa3, 0x1) sendfile(r0, r5, 0x0, 0x68e146a1) 09:27:59 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 4) 09:27:59 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:59 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 2) 09:27:59 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 4) 09:27:59 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:27:59 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2507.316343] loop2: detected capacity change from 0 to 288 [ 2507.332517] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2507.367408] loop0: detected capacity change from 0 to 256 [ 2507.372177] syz-executor.6: attempt to access beyond end of device [ 2507.372177] loop6: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2507.390478] FAT-fs (loop6): unable to read boot sector [ 2507.402221] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2507.452547] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:28:11 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) (fail_nth: 3) 09:28:11 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 5) 09:28:11 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:11 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:11 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:11 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 3) 09:28:11 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 5) 09:28:11 executing program 7: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_io_uring_complete(0x0) sendfile(r1, r2, 0x0, 0x80000) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000) tee(0xffffffffffffffff, r3, 0x6, 0x7) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x12) lsetxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100)=@v2={0x3, 0x0, 0xc, 0x7ff, 0x9a, "a5d75c8ce278b190a998851ef7bf519ffb8f58bfbcc00df6ad5177f0c51bfec83a9893ee35ef19a2b0795873ff24a8cd5e4fcce973d9db5bd1a1b72ae21ddeb1ae4e282248ace461df5d82009fbab61ec06c2a992a890db6d5761b9504bf0cc7f25181e5783d5db42712aa1db997d9f963837e5e8235b5b6645510f3a0f1843d5067c18f447bd07ed7a818bfd17f5da410187afae14b0ee3717e"}, 0xa3, 0x1) sendfile(r0, r5, 0x0, 0x68e146a1) [ 2519.549382] loop2: detected capacity change from 0 to 288 [ 2519.553623] syz-executor.6: attempt to access beyond end of device [ 2519.553623] loop6: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2519.556860] FAULT_INJECTION: forcing a failure. [ 2519.556860] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.558651] CPU: 1 UID: 0 PID: 15454 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2519.558691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.558704] Call Trace: [ 2519.558712] [ 2519.558722] dump_stack_lvl+0xfa/0x120 [ 2519.558753] should_fail_ex+0x4d7/0x5e0 [ 2519.558794] ? copy_splice_read+0x15b/0xb70 [ 2519.558817] should_failslab+0xc2/0x120 [ 2519.558854] __kmalloc_noprof+0xb4/0x4b0 [ 2519.558888] ? __pfx_perf_trace_lock+0x10/0x10 [ 2519.558923] copy_splice_read+0x15b/0xb70 [ 2519.558950] ? __memcg_slab_post_alloc_hook+0x4a2/0x9d0 [ 2519.558981] ? lock_release+0xc8/0x290 [ 2519.559006] ? __pfx_copy_splice_read+0x10/0x10 [ 2519.559032] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 2519.559065] ? look_up_lock_class+0x56/0x150 [ 2519.559089] ? register_lock_class+0x41/0x560 [ 2519.559112] ? lockdep_init_map_type+0x4b/0x240 [ 2519.559139] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2519.559172] ? __pfx_copy_splice_read+0x10/0x10 [ 2519.559199] do_splice_read+0x1f8/0x2a0 [ 2519.559228] splice_direct_to_actor+0x2a8/0x9d0 [ 2519.559256] ? __pfx_direct_splice_actor+0x10/0x10 [ 2519.559291] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2519.559321] ? lock_acquire+0x15e/0x2f0 [ 2519.559350] do_splice_direct+0x179/0x250 [ 2519.559376] ? __pfx_do_splice_direct+0x10/0x10 [ 2519.559403] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2519.559434] ? security_file_permission+0x22/0x90 [ 2519.559466] do_sendfile+0xa8e/0xdc0 [ 2519.559504] ? __pfx_do_sendfile+0x10/0x10 [ 2519.559534] ? __fget_files+0x20d/0x3b0 [ 2519.559578] __x64_sys_sendfile64+0x1d3/0x210 [ 2519.559601] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2519.559636] do_syscall_64+0xbf/0x360 [ 2519.559663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2519.559686] RIP: 0033:0x7f1a763a9b19 [ 2519.559703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.559725] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2519.559746] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2519.559761] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2519.559774] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.559787] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2519.559800] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2519.559836] [ 2519.561733] syz-executor.0: attempt to access beyond end of device [ 2519.561733] loop0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2519.567972] FAT-fs (loop6): unable to read boot sector [ 2519.578194] FAULT_INJECTION: forcing a failure. [ 2519.578194] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.584264] FAULT_INJECTION: forcing a failure. [ 2519.584264] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.584449] CPU: 0 UID: 0 PID: 15460 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2519.584479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.584492] Call Trace: [ 2519.584500] [ 2519.584508] dump_stack_lvl+0xfa/0x120 [ 2519.584535] should_fail_ex+0x4d7/0x5e0 [ 2519.584575] ? alloc_pipe_info+0x1e8/0x5a0 [ 2519.584608] should_failslab+0xc2/0x120 [ 2519.584642] __kmalloc_noprof+0xb4/0x4b0 [ 2519.584681] alloc_pipe_info+0x1e8/0x5a0 [ 2519.584719] splice_direct_to_actor+0x78c/0x9d0 [ 2519.584749] ? __pfx_direct_splice_actor+0x10/0x10 [ 2519.584775] ? lock_acquire+0x62/0x2f0 [ 2519.584803] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2519.584833] ? lock_acquire+0x15e/0x2f0 [ 2519.584862] do_splice_direct+0x179/0x250 [ 2519.584895] ? __pfx_do_splice_direct+0x10/0x10 [ 2519.584922] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2519.584953] ? security_file_permission+0x22/0x90 [ 2519.584983] do_sendfile+0xa8e/0xdc0 [ 2519.585022] ? __pfx_do_sendfile+0x10/0x10 [ 2519.585056] ? perf_trace_preemptirq_template+0x259/0x430 [ 2519.585100] __x64_sys_sendfile64+0x1d3/0x210 [ 2519.585123] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2519.585158] do_syscall_64+0xbf/0x360 [ 2519.585185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2519.585207] RIP: 0033:0x7f7b6ab9db19 [ 2519.585224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.585245] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2519.585267] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2519.585281] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 09:28:12 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) (fail_nth: 4) [ 2519.585294] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.585308] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2519.585321] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2519.585357] [ 2519.594219] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2519.594948] CPU: 1 UID: 0 PID: 15461 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2519.594978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.594990] Call Trace: [ 2519.594998] [ 2519.595007] dump_stack_lvl+0xfa/0x120 [ 2519.595032] should_fail_ex+0x4d7/0x5e0 [ 2519.595071] ? copy_splice_read+0x15b/0xb70 [ 2519.595093] should_failslab+0xc2/0x120 [ 2519.595127] __kmalloc_noprof+0xb4/0x4b0 [ 2519.595155] ? __pfx_perf_trace_lock+0x10/0x10 [ 2519.595188] copy_splice_read+0x15b/0xb70 [ 2519.595216] ? __memcg_slab_post_alloc_hook+0x4a2/0x9d0 [ 2519.595246] ? lock_release+0xc8/0x290 [ 2519.595271] ? __pfx_copy_splice_read+0x10/0x10 [ 2519.595297] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 2519.595330] ? look_up_lock_class+0x56/0x150 [ 2519.595353] ? register_lock_class+0x41/0x560 [ 2519.595376] ? lockdep_init_map_type+0x4b/0x240 [ 2519.595403] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2519.595436] ? __pfx_copy_splice_read+0x10/0x10 [ 2519.595463] do_splice_read+0x1f8/0x2a0 [ 2519.595492] splice_direct_to_actor+0x2a8/0x9d0 [ 2519.595521] ? __pfx_direct_splice_actor+0x10/0x10 [ 2519.595556] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2519.595585] ? lock_acquire+0x15e/0x2f0 [ 2519.595614] do_splice_direct+0x179/0x250 [ 2519.595640] ? __pfx_do_splice_direct+0x10/0x10 [ 2519.595668] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2519.595698] ? security_file_permission+0x22/0x90 [ 2519.595729] do_sendfile+0xa8e/0xdc0 [ 2519.595767] ? __pfx_do_sendfile+0x10/0x10 [ 2519.595797] ? __fget_files+0x20d/0x3b0 [ 2519.595840] __x64_sys_sendfile64+0x1d3/0x210 [ 2519.595863] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2519.595906] do_syscall_64+0xbf/0x360 [ 2519.595933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2519.595955] RIP: 0033:0x7f85c6477b19 [ 2519.595971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.595992] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2519.596013] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2519.596028] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2519.596041] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.596054] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2519.596067] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2519.596103] [ 2519.615194] FAT-fs (loop0): unable to read boot sector 09:28:12 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 4) 09:28:12 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 6) 09:28:12 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:12 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:12 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:12 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 6) [ 2519.985645] FAULT_INJECTION: forcing a failure. [ 2519.985645] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.987621] CPU: 1 UID: 0 PID: 15472 Comm: syz-executor.1 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2519.987651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.987664] Call Trace: [ 2519.987672] [ 2519.987681] dump_stack_lvl+0xfa/0x120 [ 2519.987713] should_fail_ex+0x4d7/0x5e0 [ 2519.987756] ? jbd2__journal_start+0x193/0x6b0 [ 2519.987779] should_failslab+0xc2/0x120 [ 2519.987815] kmem_cache_alloc_noprof+0x5f/0x470 [ 2519.987845] ? lock_is_held_type+0x9e/0x120 [ 2519.987876] jbd2__journal_start+0x193/0x6b0 [ 2519.987914] __ext4_journal_start_sb+0x325/0x5d0 [ 2519.987947] ? ext4_dirty_inode+0xa5/0x130 [ 2519.987987] ext4_dirty_inode+0xa5/0x130 [ 2519.988022] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 2519.988055] __mark_inode_dirty+0x1b7/0xd00 [ 2519.988096] ext4_setattr+0x8f2/0x2660 [ 2519.988149] ? __pfx_ext4_setattr+0x10/0x10 [ 2519.988184] notify_change+0x677/0x1240 [ 2519.988224] ? do_truncate+0x1be/0x220 [ 2519.988255] do_truncate+0x1be/0x220 [ 2519.988287] ? __pfx_do_truncate+0x10/0x10 [ 2519.988337] ? lock_is_held_type+0x9e/0x120 [ 2519.988364] do_ftruncate+0x3b6/0x6f0 [ 2519.988404] do_sys_ftruncate+0x65/0xb0 [ 2519.988441] __x64_sys_ftruncate+0x59/0x80 [ 2519.988475] do_syscall_64+0xbf/0x360 [ 2519.988502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2519.988526] RIP: 0033:0x7f6e9ba9ab19 [ 2519.988543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.988565] RSP: 002b:00007f6e99010188 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 2519.988586] RAX: ffffffffffffffda RBX: 00007f6e9bbadf60 RCX: 00007f6e9ba9ab19 [ 2519.988602] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 2519.988615] RBP: 00007f6e990101d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.988628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2519.988641] R13: 00007ffecb3d630f R14: 00007f6e99010300 R15: 0000000000022000 [ 2519.988679] [ 2520.147113] syz-executor.0: attempt to access beyond end of device [ 2520.147113] loop0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2520.152024] FAT-fs (loop0): unable to read boot sector [ 2520.162794] loop6: detected capacity change from 0 to 256 [ 2520.166018] loop2: detected capacity change from 0 to 288 [ 2520.180995] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2520.224018] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2520.402240] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:28:23 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 7) 09:28:23 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) (fail_nth: 5) 09:28:23 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:23 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 5) 09:28:23 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 1) 09:28:23 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 7) 09:28:23 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:23 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2531.409925] syz-executor.0: attempt to access beyond end of device [ 2531.409925] loop0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2531.414428] FAT-fs (loop0): unable to read boot sector [ 2531.424437] loop2: detected capacity change from 0 to 288 [ 2531.428234] syz-executor.6: attempt to access beyond end of device [ 2531.428234] loop6: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2531.431024] FAULT_INJECTION: forcing a failure. [ 2531.431024] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2531.431360] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2531.431990] CPU: 0 UID: 0 PID: 15502 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2531.432009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2531.432016] Call Trace: [ 2531.432021] [ 2531.432026] dump_stack_lvl+0xfa/0x120 [ 2531.432045] should_fail_ex+0x4d7/0x5e0 [ 2531.432069] should_fail_alloc_page+0xe0/0x110 [ 2531.432091] prepare_alloc_pages+0x1af/0x500 [ 2531.432106] ? __pfx_perf_trace_lock+0x10/0x10 [ 2531.432124] alloc_pages_bulk_noprof+0x130/0xf20 [ 2531.432142] ? find_held_lock+0x2b/0x80 [ 2531.432162] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2531.432177] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 2531.432199] ? __kasan_kmalloc+0x7f/0x90 [ 2531.432211] ? trace_kmalloc+0x1f/0xb0 [ 2531.432223] ? __kmalloc_noprof+0x215/0x4b0 [ 2531.432237] ? __pfx_perf_trace_lock+0x10/0x10 [ 2531.432255] copy_splice_read+0x192/0xb70 [ 2531.432271] ? __memcg_slab_post_alloc_hook+0x4a2/0x9d0 [ 2531.432289] ? lock_release+0xc8/0x290 [ 2531.432302] ? __pfx_copy_splice_read+0x10/0x10 [ 2531.432316] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 2531.432334] ? look_up_lock_class+0x56/0x150 [ 2531.432347] ? register_lock_class+0x41/0x560 [ 2531.432360] ? lockdep_init_map_type+0x4b/0x240 [ 2531.432374] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2531.432392] ? __pfx_copy_splice_read+0x10/0x10 [ 2531.432407] do_splice_read+0x1f8/0x2a0 [ 2531.432423] splice_direct_to_actor+0x2a8/0x9d0 [ 2531.432438] ? __pfx_direct_splice_actor+0x10/0x10 [ 2531.432457] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2531.432473] ? lock_acquire+0x15e/0x2f0 [ 2531.432489] do_splice_direct+0x179/0x250 [ 2531.432502] ? __pfx_do_splice_direct+0x10/0x10 [ 2531.432517] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2531.432534] ? security_file_permission+0x22/0x90 [ 2531.432552] do_sendfile+0xa8e/0xdc0 [ 2531.432572] ? __pfx_do_sendfile+0x10/0x10 [ 2531.432589] ? __fget_files+0x20d/0x3b0 [ 2531.432613] __x64_sys_sendfile64+0x1d3/0x210 [ 2531.432625] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2531.432644] do_syscall_64+0xbf/0x360 [ 2531.432660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2531.432673] RIP: 0033:0x7f1a763a9b19 [ 2531.432683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2531.432694] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2531.432706] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2531.432714] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2531.432721] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2531.432728] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2531.432735] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2531.432755] [ 2531.436408] FAULT_INJECTION: forcing a failure. [ 2531.436408] name failslab, interval 1, probability 0, space 0, times 0 [ 2531.454934] FAT-fs (loop6): unable to read boot sector [ 2531.455109] CPU: 0 UID: 0 PID: 15497 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2531.455126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2531.455133] Call Trace: [ 2531.455137] [ 2531.455142] dump_stack_lvl+0xfa/0x120 [ 2531.455157] should_fail_ex+0x4d7/0x5e0 [ 2531.455179] ? copy_splice_read+0x15b/0xb70 [ 2531.455191] should_failslab+0xc2/0x120 [ 2531.455211] __kmalloc_noprof+0xb4/0x4b0 [ 2531.455227] ? __pfx_perf_trace_lock+0x10/0x10 [ 2531.455245] copy_splice_read+0x15b/0xb70 [ 2531.455259] ? __memcg_slab_post_alloc_hook+0x4a2/0x9d0 [ 2531.455276] ? lock_release+0xc8/0x290 [ 2531.455290] ? __pfx_copy_splice_read+0x10/0x10 [ 2531.455304] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 2531.455322] ? look_up_lock_class+0x56/0x150 [ 2531.455334] ? register_lock_class+0x41/0x560 [ 2531.455347] ? lockdep_init_map_type+0x4b/0x240 [ 2531.455362] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2531.455380] ? __pfx_copy_splice_read+0x10/0x10 [ 2531.455395] do_splice_read+0x1f8/0x2a0 [ 2531.455411] splice_direct_to_actor+0x2a8/0x9d0 [ 2531.455426] ? __pfx_direct_splice_actor+0x10/0x10 [ 2531.455445] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2531.455461] ? lock_acquire+0x15e/0x2f0 [ 2531.455477] do_splice_direct+0x179/0x250 [ 2531.455491] ? __pfx_do_splice_direct+0x10/0x10 [ 2531.455506] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2531.455523] ? security_file_permission+0x22/0x90 [ 2531.455540] do_sendfile+0xa8e/0xdc0 [ 2531.455561] ? __pfx_do_sendfile+0x10/0x10 [ 2531.455580] ? perf_trace_preemptirq_template+0x259/0x430 [ 2531.455603] __x64_sys_sendfile64+0x1d3/0x210 [ 2531.455615] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2531.455635] do_syscall_64+0xbf/0x360 [ 2531.455649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2531.455661] RIP: 0033:0x7f7b6ab9db19 [ 2531.455671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2531.455682] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2531.455694] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2531.455702] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2531.455709] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2531.455716] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2531.455723] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2531.455742] [ 2531.469459] FAULT_INJECTION: forcing a failure. 09:28:23 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2531.469459] name failslab, interval 1, probability 0, space 0, times 0 [ 2531.486962] CPU: 0 UID: 0 PID: 15503 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2531.486979] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2531.486986] Call Trace: [ 2531.486991] [ 2531.486995] dump_stack_lvl+0xfa/0x120 [ 2531.487012] should_fail_ex+0x4d7/0x5e0 [ 2531.487035] should_failslab+0xc2/0x120 [ 2531.487054] __kmalloc_cache_noprof+0x73/0x470 [ 2531.487071] ? __might_fault+0xe0/0x190 [ 2531.487083] ? alloc_pipe_info+0x10d/0x5a0 [ 2531.487101] ? perf_trace_lock_acquire+0xc9/0x700 [ 2531.487119] ? alloc_pipe_info+0x10d/0x5a0 [ 2531.487137] alloc_pipe_info+0x10d/0x5a0 [ 2531.487157] splice_direct_to_actor+0x78c/0x9d0 [ 2531.487173] ? __pfx_direct_splice_actor+0x10/0x10 [ 2531.487188] ? lock_acquire+0x62/0x2f0 [ 2531.487203] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2531.487219] ? lock_acquire+0x15e/0x2f0 [ 2531.487234] do_splice_direct+0x179/0x250 [ 2531.487248] ? __pfx_do_splice_direct+0x10/0x10 [ 2531.487263] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2531.487280] ? security_file_permission+0x22/0x90 [ 2531.487297] do_sendfile+0xa8e/0xdc0 [ 2531.487318] ? __pfx_do_sendfile+0x10/0x10 [ 2531.487334] ? __fget_files+0x20d/0x3b0 [ 2531.487358] __x64_sys_sendfile64+0x1d3/0x210 [ 2531.487371] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2531.487390] do_syscall_64+0xbf/0x360 [ 2531.487404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2531.487417] RIP: 0033:0x7fe5d2196b19 [ 2531.487427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2531.487438] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2531.487450] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2531.487458] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2531.487464] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2531.487472] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2531.487479] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2531.487498] [ 2531.504670] FAULT_INJECTION: forcing a failure. [ 2531.504670] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2531.506498] CPU: 1 UID: 0 PID: 15500 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2531.506529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2531.506541] Call Trace: [ 2531.506549] [ 2531.506559] dump_stack_lvl+0xfa/0x120 [ 2531.506587] should_fail_ex+0x4d7/0x5e0 [ 2531.506629] should_fail_alloc_page+0xe0/0x110 [ 2531.506669] prepare_alloc_pages+0x1af/0x500 [ 2531.506697] ? __pfx_perf_trace_lock+0x10/0x10 [ 2531.506729] alloc_pages_bulk_noprof+0x130/0xf20 [ 2531.506765] ? find_held_lock+0x2b/0x80 [ 2531.506816] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2531.506846] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 2531.506894] ? __kasan_kmalloc+0x7f/0x90 [ 2531.506918] ? trace_kmalloc+0x1f/0xb0 [ 2531.506939] ? __kmalloc_noprof+0x215/0x4b0 [ 2531.506968] ? __pfx_perf_trace_lock+0x10/0x10 [ 2531.507003] copy_splice_read+0x192/0xb70 [ 2531.507033] ? __memcg_slab_post_alloc_hook+0x4a2/0x9d0 [ 2531.507066] ? lock_release+0xc8/0x290 [ 2531.507092] ? __pfx_copy_splice_read+0x10/0x10 [ 2531.507119] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 2531.507155] ? look_up_lock_class+0x56/0x150 [ 2531.507180] ? register_lock_class+0x41/0x560 [ 2531.507205] ? lockdep_init_map_type+0x4b/0x240 [ 2531.507233] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2531.507268] ? __pfx_copy_splice_read+0x10/0x10 [ 2531.507298] do_splice_read+0x1f8/0x2a0 [ 2531.507329] splice_direct_to_actor+0x2a8/0x9d0 [ 2531.507360] ? __pfx_direct_splice_actor+0x10/0x10 [ 2531.507398] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2531.507430] ? lock_acquire+0x15e/0x2f0 [ 2531.507461] do_splice_direct+0x179/0x250 [ 2531.507488] ? __pfx_do_splice_direct+0x10/0x10 [ 2531.507517] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2531.507550] ? security_file_permission+0x22/0x90 [ 2531.507582] do_sendfile+0xa8e/0xdc0 [ 2531.507624] ? __pfx_do_sendfile+0x10/0x10 [ 2531.507656] ? __fget_files+0x20d/0x3b0 [ 2531.507701] __x64_sys_sendfile64+0x1d3/0x210 [ 2531.507726] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2531.507765] do_syscall_64+0xbf/0x360 [ 2531.507793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2531.507817] RIP: 0033:0x7f85c6477b19 [ 2531.507835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2531.507857] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2531.507880] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2531.507896] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2531.507910] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2531.507924] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2531.507939] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2531.507977] 09:28:24 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 8) 09:28:24 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) (fail_nth: 6) 09:28:24 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 8) [ 2531.635114] FAULT_INJECTION: forcing a failure. [ 2531.635114] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2531.636208] CPU: 0 UID: 0 PID: 15509 Comm: syz-executor.1 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2531.636225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2531.636232] Call Trace: [ 2531.636237] [ 2531.636242] dump_stack_lvl+0xfa/0x120 [ 2531.636261] should_fail_ex+0x4d7/0x5e0 [ 2531.636286] _copy_to_user+0x32/0xd0 [ 2531.636303] simple_read_from_buffer+0xe0/0x180 [ 2531.636322] proc_fail_nth_read+0x189/0x270 [ 2531.636341] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2531.636359] ? security_file_permission+0x22/0x90 [ 2531.636374] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2531.636392] vfs_read+0x1eb/0xbe0 [ 2531.636413] ? __pfx_vfs_read+0x10/0x10 [ 2531.636431] ? lock_release+0xc8/0x290 [ 2531.636449] ? __fget_files+0x20d/0x3b0 [ 2531.636473] ksys_read+0x121/0x240 [ 2531.636489] ? __pfx_ksys_read+0x10/0x10 [ 2531.636507] ? __secure_computing+0x18d/0x290 [ 2531.636526] do_syscall_64+0xbf/0x360 [ 2531.636541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2531.636554] RIP: 0033:0x7f6e9ba4d69c [ 2531.636564] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2531.636575] RSP: 002b:00007f6e99010170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2531.636587] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6e9ba4d69c [ 2531.636595] RDX: 000000000000000f RSI: 00007f6e990101e0 RDI: 0000000000000004 [ 2531.636602] RBP: 00007f6e990101d0 R08: 0000000000000000 R09: 0000000000000000 [ 2531.636609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2531.636616] R13: 00007ffecb3d630f R14: 00007f6e99010300 R15: 0000000000022000 [ 2531.636635] 09:28:24 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 2) [ 2531.652177] loop0: detected capacity change from 0 to 256 09:28:24 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2531.687638] FAULT_INJECTION: forcing a failure. [ 2531.687638] name failslab, interval 1, probability 0, space 0, times 0 [ 2531.688688] CPU: 0 UID: 0 PID: 15512 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2531.688704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2531.688711] Call Trace: [ 2531.688716] [ 2531.688721] dump_stack_lvl+0xfa/0x120 [ 2531.688741] should_fail_ex+0x4d7/0x5e0 [ 2531.688764] ? iter_file_splice_write+0x1cd/0x10c0 [ 2531.688779] should_failslab+0xc2/0x120 [ 2531.688799] __kmalloc_noprof+0xb4/0x4b0 [ 2531.688821] iter_file_splice_write+0x1cd/0x10c0 [ 2531.688839] ? kfree+0x281/0x470 [ 2531.688853] ? copy_splice_read+0x83d/0xb70 [ 2531.688871] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2531.688891] ? __lock_acquire+0xc65/0x1b70 [ 2531.688920] ? lock_is_held_type+0x9e/0x120 [ 2531.688933] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2531.688949] direct_splice_actor+0x192/0x7b0 [ 2531.688966] splice_direct_to_actor+0x347/0x9d0 [ 2531.688981] ? __pfx_direct_splice_actor+0x10/0x10 [ 2531.689000] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2531.689016] ? lock_acquire+0x15e/0x2f0 [ 2531.689032] do_splice_direct+0x179/0x250 [ 2531.689046] ? __pfx_do_splice_direct+0x10/0x10 [ 2531.689061] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2531.689078] ? security_file_permission+0x22/0x90 [ 2531.689096] do_sendfile+0xa8e/0xdc0 [ 2531.689118] ? __pfx_do_sendfile+0x10/0x10 [ 2531.689136] ? perf_trace_preemptirq_template+0x259/0x430 [ 2531.689161] __x64_sys_sendfile64+0x1d3/0x210 [ 2531.689174] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2531.689194] do_syscall_64+0xbf/0x360 [ 2531.689209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2531.689222] RIP: 0033:0x7f85c6477b19 [ 2531.689232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2531.689243] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2531.689255] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2531.689263] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2531.689270] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2531.689278] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2531.689285] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2531.689305] 09:28:24 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) 09:28:24 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 6) [ 2531.725090] FAT-fs (loop0): bogus number of reserved sectors [ 2531.726074] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2531.796009] FAULT_INJECTION: forcing a failure. [ 2531.796009] name failslab, interval 1, probability 0, space 0, times 0 [ 2531.796956] CPU: 0 UID: 0 PID: 15520 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2531.796973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2531.796980] Call Trace: [ 2531.796985] [ 2531.796991] dump_stack_lvl+0xfa/0x120 [ 2531.797011] should_fail_ex+0x4d7/0x5e0 [ 2531.797035] ? iter_file_splice_write+0x1cd/0x10c0 [ 2531.797050] should_failslab+0xc2/0x120 [ 2531.797070] __kmalloc_noprof+0xb4/0x4b0 [ 2531.797093] iter_file_splice_write+0x1cd/0x10c0 [ 2531.797110] ? kfree+0x281/0x470 [ 2531.797124] ? copy_splice_read+0x83d/0xb70 [ 2531.797142] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2531.797158] ? __lock_acquire+0xc65/0x1b70 [ 2531.797187] ? lock_is_held_type+0x9e/0x120 [ 2531.797200] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2531.797216] direct_splice_actor+0x192/0x7b0 [ 2531.797233] splice_direct_to_actor+0x347/0x9d0 [ 2531.797249] ? __pfx_direct_splice_actor+0x10/0x10 [ 2531.797268] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2531.797284] ? lock_acquire+0x15e/0x2f0 [ 2531.797300] do_splice_direct+0x179/0x250 [ 2531.797314] ? __pfx_do_splice_direct+0x10/0x10 [ 2531.797328] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2531.797346] ? security_file_permission+0x22/0x90 [ 2531.797363] do_sendfile+0xa8e/0xdc0 [ 2531.797385] ? __pfx_do_sendfile+0x10/0x10 [ 2531.797401] ? __fget_files+0x20d/0x3b0 [ 2531.797426] __x64_sys_sendfile64+0x1d3/0x210 [ 2531.797438] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2531.797458] do_syscall_64+0xbf/0x360 [ 2531.797474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2531.797487] RIP: 0033:0x7f1a763a9b19 [ 2531.797497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2531.797508] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2531.797520] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2531.797528] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2531.797536] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2531.797543] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2531.797550] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2531.797570] [ 2531.817441] syz-executor.6: attempt to access beyond end of device [ 2531.817441] loop6: rw=0, sector=0, nr_sectors = 1 limit=0 09:28:24 executing program 2: unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2531.827331] FAT-fs (loop6): unable to read boot sector 09:28:24 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2531.952518] loop0: detected capacity change from 0 to 256 [ 2531.957398] FAT-fs (loop0): bogus number of reserved sectors [ 2531.958362] FAT-fs (loop0): Can't find a valid FAT filesystem 09:28:33 executing program 2: unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:33 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 9) 09:28:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x4) 09:28:33 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:33 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 9) 09:28:33 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 3) 09:28:33 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:33 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 7) 09:28:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x8) [ 2540.861347] FAULT_INJECTION: forcing a failure. [ 2540.861347] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2540.862713] syz-executor.6: attempt to access beyond end of device [ 2540.862713] loop6: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2540.863492] CPU: 1 UID: 0 PID: 15545 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2540.863526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2540.863540] Call Trace: [ 2540.863549] [ 2540.863559] dump_stack_lvl+0xfa/0x120 [ 2540.863592] should_fail_ex+0x4d7/0x5e0 [ 2540.863638] should_fail_alloc_page+0xe0/0x110 [ 2540.863679] prepare_alloc_pages+0x1af/0x500 [ 2540.863705] ? __pfx_perf_trace_lock+0x10/0x10 [ 2540.863739] alloc_pages_bulk_noprof+0x130/0xf20 [ 2540.863774] ? find_held_lock+0x2b/0x80 [ 2540.863814] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2540.863844] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 2540.863894] ? __kasan_kmalloc+0x7f/0x90 [ 2540.863918] ? trace_kmalloc+0x1f/0xb0 [ 2540.863940] ? __kmalloc_noprof+0x215/0x4b0 [ 2540.863969] ? __pfx_perf_trace_lock+0x10/0x10 [ 2540.864004] copy_splice_read+0x192/0xb70 [ 2540.864035] ? __memcg_slab_post_alloc_hook+0x4a2/0x9d0 [ 2540.864069] ? lock_release+0xc8/0x290 [ 2540.864096] ? __pfx_copy_splice_read+0x10/0x10 [ 2540.864123] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 2540.864159] ? look_up_lock_class+0x56/0x150 [ 2540.864184] ? register_lock_class+0x41/0x560 [ 2540.864209] ? lockdep_init_map_type+0x4b/0x240 [ 2540.864238] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2540.864274] ? __pfx_copy_splice_read+0x10/0x10 [ 2540.864303] do_splice_read+0x1f8/0x2a0 [ 2540.864334] splice_direct_to_actor+0x2a8/0x9d0 [ 2540.864365] ? __pfx_direct_splice_actor+0x10/0x10 [ 2540.864402] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2540.864434] ? lock_acquire+0x15e/0x2f0 [ 2540.864466] do_splice_direct+0x179/0x250 [ 2540.864493] ? __pfx_do_splice_direct+0x10/0x10 [ 2540.864522] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2540.864555] ? security_file_permission+0x22/0x90 [ 2540.864589] do_sendfile+0xa8e/0xdc0 [ 2540.864630] ? __pfx_do_sendfile+0x10/0x10 [ 2540.864662] ? __fget_files+0x20d/0x3b0 [ 2540.864709] __x64_sys_sendfile64+0x1d3/0x210 [ 2540.864733] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2540.864771] do_syscall_64+0xbf/0x360 [ 2540.864801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2540.864825] RIP: 0033:0x7f7b6ab9db19 [ 2540.864844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2540.864867] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2540.864890] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2540.864906] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2540.864920] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2540.864934] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2540.864948] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2540.864986] [ 2540.877642] FAULT_INJECTION: forcing a failure. [ 2540.877642] name failslab, interval 1, probability 0, space 0, times 0 [ 2540.879316] loop0: detected capacity change from 0 to 256 [ 2540.879623] CPU: 1 UID: 0 PID: 15547 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2540.879655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2540.879669] Call Trace: [ 2540.879678] [ 2540.879687] dump_stack_lvl+0xfa/0x120 [ 2540.879718] should_fail_ex+0x4d7/0x5e0 [ 2540.879762] ? alloc_pipe_info+0x1e8/0x5a0 [ 2540.879798] should_failslab+0xc2/0x120 [ 2540.879836] __kmalloc_noprof+0xb4/0x4b0 [ 2540.879885] alloc_pipe_info+0x1e8/0x5a0 [ 2540.879926] splice_direct_to_actor+0x78c/0x9d0 [ 2540.879958] ? __pfx_direct_splice_actor+0x10/0x10 [ 2540.879986] ? lock_acquire+0x62/0x2f0 [ 2540.880016] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2540.880048] ? lock_acquire+0x15e/0x2f0 [ 2540.880079] do_splice_direct+0x179/0x250 [ 2540.880107] ? __pfx_do_splice_direct+0x10/0x10 [ 2540.880136] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2540.880169] ? security_file_permission+0x22/0x90 [ 2540.880202] do_sendfile+0xa8e/0xdc0 [ 2540.880243] ? __pfx_do_sendfile+0x10/0x10 [ 2540.880276] ? __fget_files+0x20d/0x3b0 [ 2540.880322] __x64_sys_sendfile64+0x1d3/0x210 [ 2540.880346] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2540.880385] do_syscall_64+0xbf/0x360 [ 2540.880414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2540.880438] RIP: 0033:0x7fe5d2196b19 [ 2540.880456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2540.880480] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2540.880503] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2540.880519] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2540.880533] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2540.880547] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2540.880561] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2540.880600] 09:28:33 executing program 2: unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2540.921971] FAT-fs (loop6): unable to read boot sector [ 2540.954402] FAT-fs (loop0): bogus number of reserved sectors [ 2540.955455] FAT-fs (loop0): Can't find a valid FAT filesystem 09:28:33 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 8) 09:28:33 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:33 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 4) 09:28:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x10) [ 2541.130338] loop6: detected capacity change from 0 to 256 [ 2541.133829] FAULT_INJECTION: forcing a failure. [ 2541.133829] name failslab, interval 1, probability 0, space 0, times 0 [ 2541.135824] CPU: 1 UID: 0 PID: 15559 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2541.135857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2541.135871] Call Trace: [ 2541.135886] [ 2541.135896] dump_stack_lvl+0xfa/0x120 [ 2541.135929] should_fail_ex+0x4d7/0x5e0 [ 2541.135973] ? iter_file_splice_write+0x1cd/0x10c0 [ 2541.136002] should_failslab+0xc2/0x120 [ 2541.136041] __kmalloc_noprof+0xb4/0x4b0 [ 2541.136085] iter_file_splice_write+0x1cd/0x10c0 [ 2541.136121] ? kfree+0x281/0x470 [ 2541.136148] ? copy_splice_read+0x83d/0xb70 [ 2541.136184] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2541.136216] ? __lock_acquire+0xc65/0x1b70 [ 2541.136273] ? lock_is_held_type+0x9e/0x120 [ 2541.136296] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2541.136329] direct_splice_actor+0x192/0x7b0 [ 2541.136363] splice_direct_to_actor+0x347/0x9d0 [ 2541.136394] ? __pfx_direct_splice_actor+0x10/0x10 [ 2541.136431] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2541.136464] ? lock_acquire+0x15e/0x2f0 [ 2541.136495] do_splice_direct+0x179/0x250 [ 2541.136523] ? __pfx_do_splice_direct+0x10/0x10 [ 2541.136553] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2541.136586] ? security_file_permission+0x22/0x90 [ 2541.136620] do_sendfile+0xa8e/0xdc0 [ 2541.136663] ? __pfx_do_sendfile+0x10/0x10 [ 2541.136695] ? __fget_files+0x20d/0x3b0 [ 2541.136742] __x64_sys_sendfile64+0x1d3/0x210 [ 2541.136767] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2541.136806] do_syscall_64+0xbf/0x360 [ 2541.136835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2541.136860] RIP: 0033:0x7f7b6ab9db19 [ 2541.136878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2541.136901] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2541.136924] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2541.136940] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2541.136954] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2541.136969] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2541.136983] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2541.137022] [ 2541.137740] FAT-fs (loop6): bogus number of reserved sectors [ 2541.155721] FAT-fs (loop6): Can't find a valid FAT filesystem 09:28:44 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 5) 09:28:44 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:44 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x38) 09:28:44 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 10) 09:28:44 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 10) 09:28:44 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:44 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:44 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 9) [ 2551.778509] loop6: detected capacity change from 0 to 256 [ 2551.785851] FAT-fs (loop6): bogus number of reserved sectors [ 2551.786574] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2551.801109] loop0: detected capacity change from 0 to 256 [ 2551.805729] FAULT_INJECTION: forcing a failure. [ 2551.805729] name failslab, interval 1, probability 0, space 0, times 0 [ 2551.807716] CPU: 1 UID: 0 PID: 15577 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2551.807752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2551.807767] Call Trace: [ 2551.807776] [ 2551.807787] dump_stack_lvl+0xfa/0x120 [ 2551.807823] should_fail_ex+0x4d7/0x5e0 [ 2551.807873] ? jbd2__journal_start+0x193/0x6b0 [ 2551.807908] should_failslab+0xc2/0x120 [ 2551.807951] kmem_cache_alloc_noprof+0x5f/0x470 [ 2551.807989] ? lock_is_held_type+0x9e/0x120 [ 2551.808026] jbd2__journal_start+0x193/0x6b0 [ 2551.808062] __ext4_journal_start_sb+0x325/0x5d0 [ 2551.808102] ? ext4_dirty_inode+0xa5/0x130 [ 2551.808150] ext4_dirty_inode+0xa5/0x130 [ 2551.808192] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 2551.808231] __mark_inode_dirty+0x1b7/0xd00 [ 2551.808281] generic_update_time+0xcb/0xf0 [ 2551.808325] file_modified+0x1f0/0x230 [ 2551.808354] ext4_file_write_iter+0xca3/0x1990 [ 2551.808409] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2551.808442] ? __kasan_kmalloc+0x7f/0x90 [ 2551.808469] ? trace_kmalloc+0x1f/0xb0 [ 2551.808493] ? __kmalloc_noprof+0x215/0x4b0 [ 2551.808527] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2551.808571] iter_file_splice_write+0x927/0x10c0 [ 2551.808630] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2551.808705] ? lock_is_held_type+0x9e/0x120 [ 2551.808731] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2551.808768] direct_splice_actor+0x192/0x7b0 [ 2551.808806] splice_direct_to_actor+0x347/0x9d0 [ 2551.808841] ? __pfx_direct_splice_actor+0x10/0x10 [ 2551.808884] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2551.808921] ? lock_acquire+0x15e/0x2f0 [ 2551.808958] do_splice_direct+0x179/0x250 [ 2551.808989] ? __pfx_do_splice_direct+0x10/0x10 [ 2551.809022] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2551.809060] ? security_file_permission+0x22/0x90 [ 2551.809099] do_sendfile+0xa8e/0xdc0 [ 2551.809147] ? __pfx_do_sendfile+0x10/0x10 [ 2551.809184] ? __fget_files+0x20d/0x3b0 [ 2551.809237] __x64_sys_sendfile64+0x1d3/0x210 [ 2551.809266] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2551.809310] do_syscall_64+0xbf/0x360 [ 2551.809343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2551.809371] RIP: 0033:0x7f1a763a9b19 [ 2551.809391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2551.809417] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2551.809442] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2551.809460] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2551.809476] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2551.809492] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2551.809508] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2551.809554] [ 2551.809625] FAT-fs (loop0): bogus number of reserved sectors [ 2551.833985] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2551.847525] FAULT_INJECTION: forcing a failure. [ 2551.847525] name failslab, interval 1, probability 0, space 0, times 0 [ 2551.848613] CPU: 0 UID: 0 PID: 15586 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2551.848630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2551.848637] Call Trace: [ 2551.848641] [ 2551.848646] dump_stack_lvl+0xfa/0x120 [ 2551.848663] should_fail_ex+0x4d7/0x5e0 [ 2551.848686] ? jbd2__journal_start+0x193/0x6b0 [ 2551.848698] should_failslab+0xc2/0x120 [ 2551.848718] kmem_cache_alloc_noprof+0x5f/0x470 [ 2551.848734] ? lock_is_held_type+0x9e/0x120 [ 2551.848750] jbd2__journal_start+0x193/0x6b0 [ 2551.848767] __ext4_journal_start_sb+0x325/0x5d0 [ 2551.848784] ? ext4_dirty_inode+0xa5/0x130 [ 2551.848806] ext4_dirty_inode+0xa5/0x130 [ 2551.848825] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 2551.848842] __mark_inode_dirty+0x1b7/0xd00 [ 2551.848865] generic_update_time+0xcb/0xf0 [ 2551.848889] file_modified+0x1f0/0x230 [ 2551.848902] ext4_file_write_iter+0xca3/0x1990 [ 2551.848927] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2551.848942] ? __kasan_kmalloc+0x7f/0x90 [ 2551.848954] ? trace_kmalloc+0x1f/0xb0 [ 2551.848964] ? __kmalloc_noprof+0x215/0x4b0 [ 2551.848980] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2551.849000] iter_file_splice_write+0x927/0x10c0 [ 2551.849026] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2551.849059] ? lock_is_held_type+0x9e/0x120 [ 2551.849071] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2551.849087] direct_splice_actor+0x192/0x7b0 [ 2551.849104] splice_direct_to_actor+0x347/0x9d0 [ 2551.849120] ? __pfx_direct_splice_actor+0x10/0x10 [ 2551.849139] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2551.849155] ? lock_acquire+0x15e/0x2f0 [ 2551.849172] do_splice_direct+0x179/0x250 [ 2551.849186] ? __pfx_do_splice_direct+0x10/0x10 [ 2551.849200] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2551.849217] ? security_file_permission+0x22/0x90 [ 2551.849235] do_sendfile+0xa8e/0xdc0 [ 2551.849259] ? __pfx_do_sendfile+0x10/0x10 [ 2551.849277] ? perf_trace_preemptirq_template+0x259/0x430 [ 2551.849302] __x64_sys_sendfile64+0x1d3/0x210 [ 2551.849315] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2551.849334] do_syscall_64+0xbf/0x360 [ 2551.849349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2551.849361] RIP: 0033:0x7f85c6477b19 [ 2551.849370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2551.849385] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2551.849397] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2551.849405] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2551.849412] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2551.849419] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2551.849426] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2551.849446] [ 2551.878404] loop2: detected capacity change from 0 to 288 [ 2551.888371] FAULT_INJECTION: forcing a failure. [ 2551.888371] name failslab, interval 1, probability 0, space 0, times 0 [ 2551.889924] CPU: 0 UID: 0 PID: 15585 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2551.889941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2551.889947] Call Trace: [ 2551.889951] [ 2551.889956] dump_stack_lvl+0xfa/0x120 [ 2551.889971] should_fail_ex+0x4d7/0x5e0 [ 2551.889993] ? copy_splice_read+0x15b/0xb70 [ 2551.890005] should_failslab+0xc2/0x120 [ 2551.890023] __kmalloc_noprof+0xb4/0x4b0 [ 2551.890038] ? __pfx_perf_trace_lock+0x10/0x10 [ 2551.890058] copy_splice_read+0x15b/0xb70 [ 2551.890072] ? __memcg_slab_post_alloc_hook+0x4a2/0x9d0 [ 2551.890089] ? lock_release+0xc8/0x290 [ 2551.890103] ? __pfx_copy_splice_read+0x10/0x10 [ 2551.890117] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 2551.890135] ? look_up_lock_class+0x56/0x150 [ 2551.890147] ? register_lock_class+0x41/0x560 [ 2551.890159] ? lockdep_init_map_type+0x4b/0x240 [ 2551.890174] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2551.890192] ? __pfx_copy_splice_read+0x10/0x10 [ 2551.890207] do_splice_read+0x1f8/0x2a0 [ 2551.890222] splice_direct_to_actor+0x2a8/0x9d0 [ 2551.890238] ? __pfx_direct_splice_actor+0x10/0x10 [ 2551.890256] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2551.890272] ? lock_acquire+0x15e/0x2f0 [ 2551.890288] do_splice_direct+0x179/0x250 [ 2551.890302] ? __pfx_do_splice_direct+0x10/0x10 [ 2551.890317] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2551.890334] ? security_file_permission+0x22/0x90 [ 2551.890350] do_sendfile+0xa8e/0xdc0 [ 2551.890371] ? __pfx_do_sendfile+0x10/0x10 [ 2551.890387] ? __fget_files+0x20d/0x3b0 [ 2551.890410] __x64_sys_sendfile64+0x1d3/0x210 [ 2551.890423] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2551.890442] do_syscall_64+0xbf/0x360 [ 2551.890456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2551.890468] RIP: 0033:0x7fe5d2196b19 [ 2551.890477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2551.890488] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2551.890500] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2551.890508] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2551.890515] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2551.890522] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2551.890530] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2551.890549] 09:28:44 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x321) 09:28:44 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:44 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:44 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 6) [ 2551.970563] loop6: detected capacity change from 0 to 256 [ 2551.978640] FAT-fs (loop6): bogus number of reserved sectors [ 2551.979248] FAT-fs (loop6): Can't find a valid FAT filesystem 09:28:44 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2552.069762] loop2: detected capacity change from 0 to 288 09:28:44 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xa9f) [ 2552.248185] loop0: detected capacity change from 0 to 256 [ 2552.277566] FAT-fs (loop0): bogus number of reserved sectors [ 2552.278489] FAT-fs (loop0): Can't find a valid FAT filesystem 09:28:57 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:57 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 11) 09:28:57 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 7) 09:28:57 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:57 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 10) 09:28:57 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x2000) 09:28:57 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 11) 09:28:57 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2565.569954] loop2: detected capacity change from 0 to 288 09:28:58 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2565.625426] loop6: detected capacity change from 0 to 256 [ 2565.637075] loop0: detected capacity change from 0 to 256 [ 2565.647972] FAULT_INJECTION: forcing a failure. [ 2565.647972] name failslab, interval 1, probability 0, space 0, times 0 [ 2565.649128] CPU: 1 UID: 0 PID: 15626 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2565.649147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2565.649155] Call Trace: [ 2565.649160] [ 2565.649166] dump_stack_lvl+0xfa/0x120 [ 2565.649187] should_fail_ex+0x4d7/0x5e0 [ 2565.649214] ? jbd2__journal_start+0x193/0x6b0 [ 2565.649229] should_failslab+0xc2/0x120 [ 2565.649252] kmem_cache_alloc_noprof+0x5f/0x470 [ 2565.649272] ? lock_is_held_type+0x9e/0x120 [ 2565.649291] jbd2__journal_start+0x193/0x6b0 [ 2565.649310] __ext4_journal_start_sb+0x325/0x5d0 [ 2565.649331] ? ext4_dirty_inode+0xa5/0x130 [ 2565.649356] ext4_dirty_inode+0xa5/0x130 [ 2565.649378] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 2565.649398] __mark_inode_dirty+0x1b7/0xd00 [ 2565.649424] generic_update_time+0xcb/0xf0 [ 2565.649447] file_modified+0x1f0/0x230 [ 2565.649462] ext4_file_write_iter+0xca3/0x1990 [ 2565.649490] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2565.649508] ? __kasan_kmalloc+0x7f/0x90 [ 2565.649521] ? trace_kmalloc+0x1f/0xb0 [ 2565.649534] ? __kmalloc_noprof+0x215/0x4b0 [ 2565.649552] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2565.649574] iter_file_splice_write+0x927/0x10c0 [ 2565.649605] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2565.649643] ? lock_is_held_type+0x9e/0x120 [ 2565.649656] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2565.649675] direct_splice_actor+0x192/0x7b0 [ 2565.649695] splice_direct_to_actor+0x347/0x9d0 [ 2565.649713] ? __pfx_direct_splice_actor+0x10/0x10 [ 2565.649734] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2565.649753] ? lock_acquire+0x15e/0x2f0 [ 2565.649777] do_splice_direct+0x179/0x250 [ 2565.649794] ? __pfx_do_splice_direct+0x10/0x10 [ 2565.649811] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2565.649830] ? security_file_permission+0x22/0x90 [ 2565.649851] do_sendfile+0xa8e/0xdc0 [ 2565.649876] ? __pfx_do_sendfile+0x10/0x10 [ 2565.649895] ? __fget_files+0x20d/0x3b0 [ 2565.649922] __x64_sys_sendfile64+0x1d3/0x210 [ 2565.649937] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2565.649960] do_syscall_64+0xbf/0x360 [ 2565.649977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2565.649992] RIP: 0033:0x7f7b6ab9db19 [ 2565.650003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2565.650016] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2565.650030] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2565.650039] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2565.650049] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2565.650058] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2565.650066] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2565.650089] [ 2565.674349] FAULT_INJECTION: forcing a failure. [ 2565.674349] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2565.675465] FAT-fs (loop6): bogus number of reserved sectors [ 2565.676169] CPU: 0 UID: 0 PID: 15624 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2565.676200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2565.676213] Call Trace: [ 2565.676221] [ 2565.676230] dump_stack_lvl+0xfa/0x120 [ 2565.676257] should_fail_ex+0x4d7/0x5e0 [ 2565.676300] should_fail_alloc_page+0xe0/0x110 [ 2565.676338] prepare_alloc_pages+0x1af/0x500 [ 2565.676364] ? __pfx_perf_trace_lock+0x10/0x10 [ 2565.676397] alloc_pages_bulk_noprof+0x130/0xf20 [ 2565.676432] ? find_held_lock+0x2b/0x80 [ 2565.676471] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2565.676501] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 2565.676543] ? __kasan_kmalloc+0x7f/0x90 [ 2565.676566] ? trace_kmalloc+0x1f/0xb0 [ 2565.676586] ? __kmalloc_noprof+0x215/0x4b0 [ 2565.676615] ? __pfx_perf_trace_lock+0x10/0x10 [ 2565.676650] copy_splice_read+0x192/0xb70 [ 2565.676679] ? __memcg_slab_post_alloc_hook+0x4a2/0x9d0 [ 2565.676712] ? lock_release+0xc8/0x290 [ 2565.676738] ? __pfx_copy_splice_read+0x10/0x10 [ 2565.676764] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 2565.676800] ? look_up_lock_class+0x56/0x150 [ 2565.676824] ? register_lock_class+0x41/0x560 [ 2565.676848] ? lockdep_init_map_type+0x4b/0x240 [ 2565.676883] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2565.676919] ? __pfx_copy_splice_read+0x10/0x10 [ 2565.676947] do_splice_read+0x1f8/0x2a0 [ 2565.676979] splice_direct_to_actor+0x2a8/0x9d0 [ 2565.677009] ? __pfx_direct_splice_actor+0x10/0x10 [ 2565.677047] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2565.677081] ? lock_acquire+0x15e/0x2f0 [ 2565.677111] do_splice_direct+0x179/0x250 [ 2565.677138] ? __pfx_do_splice_direct+0x10/0x10 [ 2565.677167] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2565.677199] ? security_file_permission+0x22/0x90 [ 2565.677232] do_sendfile+0xa8e/0xdc0 [ 2565.677272] ? __pfx_do_sendfile+0x10/0x10 [ 2565.677304] ? __fget_files+0x20d/0x3b0 [ 2565.677349] __x64_sys_sendfile64+0x1d3/0x210 [ 2565.677373] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2565.677411] do_syscall_64+0xbf/0x360 [ 2565.677438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2565.677462] RIP: 0033:0x7fe5d2196b19 [ 2565.677479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2565.677501] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2565.677523] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2565.677539] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2565.677553] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2565.677567] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2565.677581] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2565.677619] [ 2565.679401] FAT-fs (loop0): bogus number of reserved sectors [ 2565.679658] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2565.722859] FAT-fs (loop0): Can't find a valid FAT filesystem 09:28:58 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:58 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:58 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:58 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:28:58 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 8) 09:28:58 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x2103) [ 2565.902209] loop0: detected capacity change from 0 to 256 [ 2565.912210] FAT-fs (loop0): bogus number of reserved sectors [ 2565.912687] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2565.920765] loop6: detected capacity change from 0 to 256 [ 2565.944137] FAT-fs (loop6): bogus number of reserved sectors [ 2565.944616] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2565.951792] FAULT_INJECTION: forcing a failure. [ 2565.951792] name failslab, interval 1, probability 0, space 0, times 0 [ 2565.952871] CPU: 1 UID: 0 PID: 15640 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2565.952891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2565.952900] Call Trace: [ 2565.952905] [ 2565.952910] dump_stack_lvl+0xfa/0x120 [ 2565.952934] should_fail_ex+0x4d7/0x5e0 [ 2565.952958] ? iter_file_splice_write+0x1cd/0x10c0 [ 2565.952973] should_failslab+0xc2/0x120 [ 2565.952995] __kmalloc_noprof+0xb4/0x4b0 [ 2565.953021] iter_file_splice_write+0x1cd/0x10c0 [ 2565.953039] ? kfree+0x281/0x470 [ 2565.953053] ? copy_splice_read+0x83d/0xb70 [ 2565.953071] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2565.953087] ? __lock_acquire+0xc65/0x1b70 [ 2565.953116] ? lock_is_held_type+0x9e/0x120 [ 2565.953128] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2565.953145] direct_splice_actor+0x192/0x7b0 [ 2565.953162] splice_direct_to_actor+0x347/0x9d0 [ 2565.953177] ? __pfx_direct_splice_actor+0x10/0x10 [ 2565.953196] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2565.953213] ? lock_acquire+0x15e/0x2f0 [ 2565.953228] do_splice_direct+0x179/0x250 [ 2565.953242] ? __pfx_do_splice_direct+0x10/0x10 [ 2565.953257] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2565.953274] ? security_file_permission+0x22/0x90 [ 2565.953292] do_sendfile+0xa8e/0xdc0 [ 2565.953314] ? __pfx_do_sendfile+0x10/0x10 [ 2565.953331] ? __fget_files+0x20d/0x3b0 [ 2565.953355] __x64_sys_sendfile64+0x1d3/0x210 [ 2565.953368] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2565.953388] do_syscall_64+0xbf/0x360 [ 2565.953403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2565.953416] RIP: 0033:0x7fe5d2196b19 [ 2565.953425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2565.953437] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2565.953448] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2565.953456] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2565.953463] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2565.953470] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001 [ 2565.953478] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2565.953497] 09:29:09 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x3800) 09:29:09 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 11) 09:29:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:09 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:09 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:09 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 12) 09:29:09 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 9) 09:29:09 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 12) [ 2576.862094] FAULT_INJECTION: forcing a failure. [ 2576.862094] name failslab, interval 1, probability 0, space 0, times 0 [ 2576.863229] CPU: 1 UID: 0 PID: 15659 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2576.863246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2576.863254] Call Trace: [ 2576.863265] [ 2576.863270] dump_stack_lvl+0xfa/0x120 [ 2576.863290] should_fail_ex+0x4d7/0x5e0 [ 2576.863315] ? jbd2__journal_start+0x193/0x6b0 [ 2576.863328] should_failslab+0xc2/0x120 [ 2576.863349] kmem_cache_alloc_noprof+0x5f/0x470 [ 2576.863366] ? lock_is_held_type+0x9e/0x120 [ 2576.863384] jbd2__journal_start+0x193/0x6b0 [ 2576.863400] __ext4_journal_start_sb+0x325/0x5d0 [ 2576.863419] ? ext4_file_write_iter+0xd74/0x1990 [ 2576.863439] ext4_file_write_iter+0xd74/0x1990 [ 2576.863465] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2576.863480] ? __kasan_kmalloc+0x7f/0x90 [ 2576.863492] ? trace_kmalloc+0x1f/0xb0 [ 2576.863503] ? __kmalloc_noprof+0x215/0x4b0 [ 2576.863519] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2576.863540] iter_file_splice_write+0x927/0x10c0 [ 2576.863567] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2576.863601] ? lock_is_held_type+0x9e/0x120 [ 2576.863612] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2576.863629] direct_splice_actor+0x192/0x7b0 [ 2576.863647] splice_direct_to_actor+0x347/0x9d0 [ 2576.863663] ? __pfx_direct_splice_actor+0x10/0x10 [ 2576.863682] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2576.863699] ? lock_acquire+0x15e/0x2f0 [ 2576.863717] do_splice_direct+0x179/0x250 [ 2576.863731] ? __pfx_do_splice_direct+0x10/0x10 [ 2576.863747] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2576.863764] ? security_file_permission+0x22/0x90 [ 2576.863782] do_sendfile+0xa8e/0xdc0 [ 2576.863805] ? __pfx_do_sendfile+0x10/0x10 [ 2576.863822] ? __fget_files+0x20d/0x3b0 [ 2576.863847] __x64_sys_sendfile64+0x1d3/0x210 [ 2576.863860] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2576.863884] do_syscall_64+0xbf/0x360 [ 2576.863900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2576.863913] RIP: 0033:0x7f1a763a9b19 [ 2576.863925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2576.863937] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2576.863950] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2576.863958] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2576.863965] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2576.863973] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2576.863980] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2576.864000] [ 2576.868748] loop6: detected capacity change from 0 to 256 [ 2576.870768] FAULT_INJECTION: forcing a failure. [ 2576.870768] name failslab, interval 1, probability 0, space 0, times 0 [ 2576.886837] CPU: 1 UID: 0 PID: 15660 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2576.886853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2576.886860] Call Trace: [ 2576.886865] [ 2576.886870] dump_stack_lvl+0xfa/0x120 [ 2576.886888] should_fail_ex+0x4d7/0x5e0 [ 2576.886910] ? jbd2__journal_start+0x193/0x6b0 [ 2576.886923] should_failslab+0xc2/0x120 [ 2576.886942] kmem_cache_alloc_noprof+0x5f/0x470 [ 2576.886958] ? lock_is_held_type+0x9e/0x120 [ 2576.886974] jbd2__journal_start+0x193/0x6b0 [ 2576.886991] __ext4_journal_start_sb+0x325/0x5d0 [ 2576.887009] ? ext4_file_write_iter+0xd74/0x1990 [ 2576.887028] ext4_file_write_iter+0xd74/0x1990 [ 2576.887054] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2576.887069] ? __kasan_kmalloc+0x7f/0x90 [ 2576.887081] ? trace_kmalloc+0x1f/0xb0 [ 2576.887092] ? __kmalloc_noprof+0x215/0x4b0 [ 2576.887108] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2576.887128] iter_file_splice_write+0x927/0x10c0 [ 2576.887155] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2576.887189] ? lock_is_held_type+0x9e/0x120 [ 2576.887201] ? __pfx_iter_file_splice_write+0x10/0x10 09:29:09 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 13) [ 2576.887217] direct_splice_actor+0x192/0x7b0 [ 2576.887235] splice_direct_to_actor+0x347/0x9d0 [ 2576.887251] ? __pfx_direct_splice_actor+0x10/0x10 [ 2576.887278] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2576.887295] ? lock_acquire+0x15e/0x2f0 [ 2576.887312] do_splice_direct+0x179/0x250 [ 2576.887326] ? __pfx_do_splice_direct+0x10/0x10 [ 2576.887341] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2576.887358] ? security_file_permission+0x22/0x90 [ 2576.887376] do_sendfile+0xa8e/0xdc0 [ 2576.887397] ? __pfx_do_sendfile+0x10/0x10 [ 2576.887414] ? __fget_files+0x20d/0x3b0 [ 2576.887438] __x64_sys_sendfile64+0x1d3/0x210 [ 2576.887451] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2576.887471] do_syscall_64+0xbf/0x360 [ 2576.887486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2576.887498] RIP: 0033:0x7f85c6477b19 [ 2576.887507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2576.887519] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2576.887531] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2576.887539] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2576.887546] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2576.887554] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2576.887561] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2576.887581] [ 2576.890377] loop0: detected capacity change from 0 to 256 [ 2576.929240] No source specified [ 2576.945684] FAT-fs (loop6): bogus number of reserved sectors [ 2576.946690] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2576.951563] FAT-fs (loop0): bogus number of reserved sectors [ 2576.952653] FAT-fs (loop0): Can't find a valid FAT filesystem 09:29:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:09 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x9f0a) 09:29:09 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 12) 09:29:09 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 13) [ 2577.110640] No source specified 09:29:09 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:09 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:09 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 10) [ 2577.194291] FAULT_INJECTION: forcing a failure. [ 2577.194291] name failslab, interval 1, probability 0, space 0, times 0 [ 2577.196020] CPU: 0 UID: 0 PID: 15677 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2577.196051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2577.196066] Call Trace: [ 2577.196078] [ 2577.196089] dump_stack_lvl+0xfa/0x120 [ 2577.196121] should_fail_ex+0x4d7/0x5e0 [ 2577.196165] ? jbd2__journal_start+0x193/0x6b0 [ 2577.196189] should_failslab+0xc2/0x120 [ 2577.196227] kmem_cache_alloc_noprof+0x5f/0x470 [ 2577.196258] ? lock_is_held_type+0x9e/0x120 [ 2577.196290] jbd2__journal_start+0x193/0x6b0 [ 2577.196322] __ext4_journal_start_sb+0x325/0x5d0 [ 2577.196357] ? ext4_file_write_iter+0xd74/0x1990 [ 2577.196394] ext4_file_write_iter+0xd74/0x1990 [ 2577.196442] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2577.196471] ? __kasan_kmalloc+0x7f/0x90 [ 2577.196494] ? trace_kmalloc+0x1f/0xb0 [ 2577.196514] ? __kmalloc_noprof+0x215/0x4b0 [ 2577.196544] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2577.196583] iter_file_splice_write+0x927/0x10c0 [ 2577.196634] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2577.196698] ? lock_is_held_type+0x9e/0x120 [ 2577.196720] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2577.196752] direct_splice_actor+0x192/0x7b0 [ 2577.196785] splice_direct_to_actor+0x347/0x9d0 [ 2577.196815] ? __pfx_direct_splice_actor+0x10/0x10 [ 2577.196852] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2577.196901] do_splice_direct+0x179/0x250 [ 2577.196928] ? __pfx_do_splice_direct+0x10/0x10 [ 2577.196957] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2577.196990] ? security_file_permission+0x22/0x90 [ 2577.197023] do_sendfile+0xa8e/0xdc0 [ 2577.197064] ? __pfx_do_sendfile+0x10/0x10 09:29:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2577.197101] ? perf_trace_preemptirq_template+0x259/0x430 [ 2577.197147] __x64_sys_sendfile64+0x1d3/0x210 [ 2577.197171] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2577.197209] do_syscall_64+0xbf/0x360 [ 2577.197238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2577.197262] RIP: 0033:0x7f7b6ab9db19 [ 2577.197279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2577.197301] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2577.197324] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2577.197339] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2577.197353] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2577.197367] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2577.197381] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2577.197419] 09:29:09 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x80000) [ 2577.288541] loop0: detected capacity change from 0 to 256 [ 2577.298220] loop6: detected capacity change from 0 to 256 [ 2577.307331] FAT-fs (loop0): bogus number of reserved sectors [ 2577.308500] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2577.320868] FAT-fs (loop6): bogus number of reserved sectors [ 2577.321977] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2577.370345] FAULT_INJECTION: forcing a failure. [ 2577.370345] name failslab, interval 1, probability 0, space 0, times 0 [ 2577.372172] CPU: 0 UID: 0 PID: 15685 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2577.372202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2577.372216] Call Trace: [ 2577.372223] [ 2577.372232] dump_stack_lvl+0xfa/0x120 [ 2577.372264] should_fail_ex+0x4d7/0x5e0 [ 2577.372305] ? jbd2__journal_start+0x193/0x6b0 [ 2577.372328] should_failslab+0xc2/0x120 [ 2577.372365] kmem_cache_alloc_noprof+0x5f/0x470 [ 2577.372396] ? lock_is_held_type+0x9e/0x120 [ 2577.372427] jbd2__journal_start+0x193/0x6b0 [ 2577.372457] __ext4_journal_start_sb+0x325/0x5d0 [ 2577.372490] ? ext4_dirty_inode+0xa5/0x130 [ 2577.372531] ext4_dirty_inode+0xa5/0x130 [ 2577.372566] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 2577.372598] __mark_inode_dirty+0x1b7/0xd00 [ 2577.372640] generic_update_time+0xcb/0xf0 [ 2577.372677] file_modified+0x1f0/0x230 [ 2577.372701] ext4_file_write_iter+0xca3/0x1990 09:29:09 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 13) [ 2577.372747] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2577.372775] ? __kasan_kmalloc+0x7f/0x90 [ 2577.372797] ? trace_kmalloc+0x1f/0xb0 [ 2577.372817] ? __kmalloc_noprof+0x215/0x4b0 [ 2577.372845] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2577.372889] iter_file_splice_write+0x927/0x10c0 [ 2577.372938] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2577.373000] ? lock_is_held_type+0x9e/0x120 [ 2577.373021] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2577.373051] direct_splice_actor+0x192/0x7b0 [ 2577.373083] splice_direct_to_actor+0x347/0x9d0 [ 2577.373112] ? __pfx_direct_splice_actor+0x10/0x10 [ 2577.373147] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2577.373177] ? lock_acquire+0x15e/0x2f0 [ 2577.373208] do_splice_direct+0x179/0x250 [ 2577.373234] ? __pfx_do_splice_direct+0x10/0x10 [ 2577.373262] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2577.373293] ? security_file_permission+0x22/0x90 [ 2577.373325] do_sendfile+0xa8e/0xdc0 [ 2577.373364] ? __pfx_do_sendfile+0x10/0x10 [ 2577.373395] ? __fget_files+0x20d/0x3b0 [ 2577.373439] __x64_sys_sendfile64+0x1d3/0x210 [ 2577.373462] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2577.373498] do_syscall_64+0xbf/0x360 [ 2577.373526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2577.373549] RIP: 0033:0x7fe5d2196b19 [ 2577.373566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2577.373587] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2577.373608] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2577.373623] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2577.373636] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2577.373649] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2577.373662] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2577.373699] [ 2577.441204] No source specified 09:29:09 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b3000808200004000080", 0x14}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:09 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:10 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x1000000) 09:29:10 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2577.613238] loop0: detected capacity change from 0 to 256 [ 2577.650580] FAT-fs (loop0): invalid media value (0x00) [ 2577.651741] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2577.670834] FAULT_INJECTION: forcing a failure. [ 2577.670834] name failslab, interval 1, probability 0, space 0, times 0 [ 2577.672570] CPU: 0 UID: 0 PID: 15692 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2577.672601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2577.672615] Call Trace: [ 2577.672624] [ 2577.672633] dump_stack_lvl+0xfa/0x120 [ 2577.672664] should_fail_ex+0x4d7/0x5e0 [ 2577.672707] ? jbd2__journal_start+0x193/0x6b0 [ 2577.672730] should_failslab+0xc2/0x120 [ 2577.672766] kmem_cache_alloc_noprof+0x5f/0x470 [ 2577.672797] ? lock_is_held_type+0x9e/0x120 [ 2577.672827] jbd2__journal_start+0x193/0x6b0 [ 2577.672857] __ext4_journal_start_sb+0x325/0x5d0 [ 2577.672903] ? ext4_file_write_iter+0xd74/0x1990 [ 2577.672938] ext4_file_write_iter+0xd74/0x1990 [ 2577.672984] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2577.673012] ? __kasan_kmalloc+0x7f/0x90 [ 2577.673033] ? trace_kmalloc+0x1f/0xb0 [ 2577.673054] ? __kmalloc_noprof+0x215/0x4b0 [ 2577.673082] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2577.673119] iter_file_splice_write+0x927/0x10c0 [ 2577.673167] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2577.673229] ? lock_is_held_type+0x9e/0x120 [ 2577.673251] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2577.673281] direct_splice_actor+0x192/0x7b0 [ 2577.673312] splice_direct_to_actor+0x347/0x9d0 [ 2577.673341] ? __pfx_direct_splice_actor+0x10/0x10 [ 2577.673376] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2577.673407] ? lock_acquire+0x15e/0x2f0 [ 2577.673438] do_splice_direct+0x179/0x250 [ 2577.673464] ? __pfx_do_splice_direct+0x10/0x10 [ 2577.673491] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2577.673522] ? security_file_permission+0x22/0x90 [ 2577.673554] do_sendfile+0xa8e/0xdc0 [ 2577.673594] ? __pfx_do_sendfile+0x10/0x10 [ 2577.673628] ? perf_trace_preemptirq_template+0x259/0x430 [ 2577.673672] __x64_sys_sendfile64+0x1d3/0x210 [ 2577.673696] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2577.673732] do_syscall_64+0xbf/0x360 [ 2577.673760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2577.673783] RIP: 0033:0x7f7b6ab9db19 [ 2577.673801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2577.673822] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2577.673844] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2577.673859] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2577.673872] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2577.673885] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2577.673898] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2577.673935] [ 2577.716189] loop6: detected capacity change from 0 to 256 [ 2577.739630] loop2: detected capacity change from 0 to 256 [ 2577.752502] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2577.765727] FAT-fs (loop6): bogus number of reserved sectors [ 2577.766804] FAT-fs (loop6): Can't find a valid FAT filesystem 09:29:21 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:21 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 14) 09:29:21 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:21 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 14) 09:29:22 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 14) 09:29:22 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b3000808200004000080", 0x14}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:22 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 11) 09:29:22 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x4000000) [ 2589.572489] FAULT_INJECTION: forcing a failure. [ 2589.572489] name failslab, interval 1, probability 0, space 0, times 0 [ 2589.573434] CPU: 0 UID: 0 PID: 15713 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2589.573451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2589.573459] Call Trace: [ 2589.573464] [ 2589.573470] dump_stack_lvl+0xfa/0x120 [ 2589.573490] should_fail_ex+0x4d7/0x5e0 [ 2589.573516] should_failslab+0xc2/0x120 [ 2589.573537] __kmalloc_cache_noprof+0x73/0x470 [ 2589.573552] ? __ext4_journal_stop+0xe2/0x1f0 [ 2589.573571] ? ext4_file_write_iter+0xdbd/0x1990 [ 2589.573587] ? iter_file_splice_write+0x927/0x10c0 [ 2589.573602] ? direct_splice_actor+0x192/0x7b0 [ 2589.573614] ? splice_direct_to_actor+0x347/0x9d0 [ 2589.573627] ? __iomap_dio_rw+0x270/0x1cf0 [ 2589.573642] ? do_sendfile+0xa8e/0xdc0 [ 2589.573662] ? __iomap_dio_rw+0x270/0x1cf0 [ 2589.573678] __iomap_dio_rw+0x270/0x1cf0 [ 2589.573699] ? perf_trace_preemptirq_template+0x259/0x430 [ 2589.573721] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2589.573737] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2589.573754] ? lock_release+0xc8/0x290 [ 2589.573768] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2589.573788] ? mark_held_locks+0x49/0x80 [ 2589.573803] ? kasan_quarantine_put+0x84/0x1e0 [ 2589.573838] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2589.573853] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2589.573881] iomap_dio_rw+0x40/0xa0 [ 2589.573900] ext4_file_write_iter+0xe0b/0x1990 [ 2589.573925] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2589.573940] ? __kasan_kmalloc+0x7f/0x90 [ 2589.573952] ? trace_kmalloc+0x1f/0xb0 [ 2589.573963] ? __kmalloc_noprof+0x215/0x4b0 [ 2589.573979] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2589.573998] iter_file_splice_write+0x927/0x10c0 [ 2589.574024] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2589.574058] ? lock_is_held_type+0x9e/0x120 [ 2589.574070] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2589.574087] direct_splice_actor+0x192/0x7b0 [ 2589.574104] splice_direct_to_actor+0x347/0x9d0 [ 2589.574120] ? __pfx_direct_splice_actor+0x10/0x10 [ 2589.574139] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2589.574155] ? lock_acquire+0x15e/0x2f0 [ 2589.574171] do_splice_direct+0x179/0x250 [ 2589.574185] ? __pfx_do_splice_direct+0x10/0x10 [ 2589.574200] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2589.574217] ? security_file_permission+0x22/0x90 [ 2589.574235] do_sendfile+0xa8e/0xdc0 [ 2589.574255] ? __pfx_do_sendfile+0x10/0x10 [ 2589.574274] ? perf_trace_preemptirq_template+0x259/0x430 [ 2589.574297] __x64_sys_sendfile64+0x1d3/0x210 [ 2589.574310] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2589.574330] do_syscall_64+0xbf/0x360 [ 2589.574345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2589.574358] RIP: 0033:0x7f7b6ab9db19 [ 2589.574368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2589.574379] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2589.574391] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2589.574399] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2589.574406] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2589.574413] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2589.574420] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2589.574440] [ 2589.606579] loop0: detected capacity change from 0 to 256 [ 2589.608808] FAULT_INJECTION: forcing a failure. [ 2589.608808] name failslab, interval 1, probability 0, space 0, times 0 [ 2589.609713] CPU: 0 UID: 0 PID: 15718 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2589.609729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2589.609735] Call Trace: [ 2589.609739] [ 2589.609744] dump_stack_lvl+0xfa/0x120 [ 2589.609758] should_fail_ex+0x4d7/0x5e0 [ 2589.609780] should_failslab+0xc2/0x120 [ 2589.609798] __kmalloc_cache_noprof+0x73/0x470 [ 2589.609812] ? __ext4_journal_stop+0xe2/0x1f0 [ 2589.609828] ? ext4_file_write_iter+0xdbd/0x1990 [ 2589.609843] ? iter_file_splice_write+0x927/0x10c0 [ 2589.609856] ? direct_splice_actor+0x192/0x7b0 [ 2589.609869] ? splice_direct_to_actor+0x347/0x9d0 [ 2589.609885] ? __iomap_dio_rw+0x270/0x1cf0 [ 2589.609899] ? do_sendfile+0xa8e/0xdc0 [ 2589.609919] ? __iomap_dio_rw+0x270/0x1cf0 [ 2589.609934] __iomap_dio_rw+0x270/0x1cf0 [ 2589.609955] ? perf_trace_preemptirq_template+0x259/0x430 [ 2589.609976] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2589.609993] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2589.610011] ? lock_release+0xc8/0x290 [ 2589.610024] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2589.610044] ? mark_held_locks+0x49/0x80 [ 2589.610059] ? kasan_quarantine_put+0x84/0x1e0 [ 2589.610094] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2589.610108] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2589.610131] iomap_dio_rw+0x40/0xa0 [ 2589.610150] ext4_file_write_iter+0xe0b/0x1990 [ 2589.610174] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2589.610189] ? __kasan_kmalloc+0x7f/0x90 [ 2589.610201] ? trace_kmalloc+0x1f/0xb0 [ 2589.610211] ? __kmalloc_noprof+0x215/0x4b0 [ 2589.610227] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2589.610246] iter_file_splice_write+0x927/0x10c0 [ 2589.610272] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2589.610306] ? lock_is_held_type+0x9e/0x120 [ 2589.610317] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2589.610333] direct_splice_actor+0x192/0x7b0 [ 2589.610350] splice_direct_to_actor+0x347/0x9d0 [ 2589.610367] ? __pfx_direct_splice_actor+0x10/0x10 [ 2589.610386] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2589.610402] ? lock_acquire+0x15e/0x2f0 [ 2589.610418] do_splice_direct+0x179/0x250 [ 2589.610432] ? __pfx_do_splice_direct+0x10/0x10 [ 2589.610447] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2589.610464] ? security_file_permission+0x22/0x90 [ 2589.610480] do_sendfile+0xa8e/0xdc0 [ 2589.610501] ? __pfx_do_sendfile+0x10/0x10 [ 2589.610520] ? perf_trace_preemptirq_template+0x259/0x430 [ 2589.610543] __x64_sys_sendfile64+0x1d3/0x210 [ 2589.610555] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2589.610575] do_syscall_64+0xbf/0x360 [ 2589.610589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2589.610601] RIP: 0033:0x7f85c6477b19 [ 2589.610610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2589.610621] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2589.610632] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2589.610640] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2589.610647] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2589.610655] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2589.610662] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2589.610682] [ 2589.616979] loop6: detected capacity change from 0 to 256 [ 2589.633347] FAT-fs (loop0): invalid media value (0x00) [ 2589.636808] FAT-fs (loop6): bogus number of reserved sectors [ 2589.636897] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2589.644036] loop2: detected capacity change from 0 to 256 [ 2589.645082] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2589.661016] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:29:22 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2589.686434] FAULT_INJECTION: forcing a failure. [ 2589.686434] name failslab, interval 1, probability 0, space 0, times 0 [ 2589.687521] CPU: 0 UID: 0 PID: 15724 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2589.687539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2589.687547] Call Trace: [ 2589.687552] [ 2589.687557] dump_stack_lvl+0xfa/0x120 [ 2589.687575] should_fail_ex+0x4d7/0x5e0 [ 2589.687601] should_failslab+0xc2/0x120 [ 2589.687620] __kmalloc_cache_noprof+0x73/0x470 [ 2589.687636] ? __ext4_journal_stop+0xe2/0x1f0 [ 2589.687653] ? ext4_file_write_iter+0xdbd/0x1990 [ 2589.687670] ? iter_file_splice_write+0x927/0x10c0 [ 2589.687685] ? direct_splice_actor+0x192/0x7b0 [ 2589.687698] ? splice_direct_to_actor+0x347/0x9d0 [ 2589.687711] ? __iomap_dio_rw+0x270/0x1cf0 [ 2589.687726] ? do_sendfile+0xa8e/0xdc0 [ 2589.687742] ? do_syscall_64+0xbf/0x360 [ 2589.687759] ? __iomap_dio_rw+0x270/0x1cf0 [ 2589.687775] __iomap_dio_rw+0x270/0x1cf0 [ 2589.687790] ? __pfx_perf_trace_lock+0x10/0x10 [ 2589.687809] ? lock_acquire+0x15e/0x2f0 [ 2589.687822] ? __virt_addr_valid+0x1c6/0x5d0 [ 2589.687843] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2589.687862] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2589.687884] ? lock_release+0xc8/0x290 [ 2589.687897] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2589.687918] ? mark_held_locks+0x49/0x80 [ 2589.687933] ? kasan_quarantine_put+0x84/0x1e0 [ 2589.687968] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2589.687983] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2589.688007] iomap_dio_rw+0x40/0xa0 [ 2589.688026] ext4_file_write_iter+0xe0b/0x1990 [ 2589.688051] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2589.688066] ? __kasan_kmalloc+0x7f/0x90 [ 2589.688078] ? trace_kmalloc+0x1f/0xb0 [ 2589.688089] ? __kmalloc_noprof+0x215/0x4b0 [ 2589.688105] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2589.688121] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2589.688142] iter_file_splice_write+0x927/0x10c0 [ 2589.688168] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2589.688202] ? lock_is_held_type+0x9e/0x120 [ 2589.688214] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2589.688231] direct_splice_actor+0x192/0x7b0 [ 2589.688248] splice_direct_to_actor+0x347/0x9d0 [ 2589.688265] ? __pfx_direct_splice_actor+0x10/0x10 [ 2589.688285] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2589.688304] ? lock_acquire+0x15e/0x2f0 [ 2589.688322] do_splice_direct+0x179/0x250 [ 2589.688336] ? __pfx_do_splice_direct+0x10/0x10 [ 2589.688351] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2589.688369] ? security_file_permission+0x22/0x90 [ 2589.688387] do_sendfile+0xa8e/0xdc0 [ 2589.688408] ? __pfx_do_sendfile+0x10/0x10 [ 2589.688425] ? __fget_files+0x20d/0x3b0 [ 2589.688450] __x64_sys_sendfile64+0x1d3/0x210 [ 2589.688464] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2589.688484] do_syscall_64+0xbf/0x360 [ 2589.688498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2589.688511] RIP: 0033:0x7f1a763a9b19 [ 2589.688521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2589.688533] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2589.688545] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2589.688553] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2589.688561] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2589.688568] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2589.688576] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2589.688596] 09:29:22 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 15) 09:29:22 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 15) [ 2589.896568] loop2: detected capacity change from 0 to 256 [ 2589.933597] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:29:33 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 16) 09:29:33 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {0x0, 0x0, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x10000000) 09:29:33 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 15) 09:29:33 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b3000808200004000080", 0x14}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:33 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 16) 09:29:33 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 12) 09:29:34 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b3000808200004000080", 0x14}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2601.611335] loop0: detected capacity change from 0 to 256 [ 2601.617195] loop6: detected capacity change from 0 to 256 [ 2601.619766] FAULT_INJECTION: forcing a failure. [ 2601.619766] name failslab, interval 1, probability 0, space 0, times 0 [ 2601.621789] CPU: 0 UID: 0 PID: 15748 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2601.621820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2601.621835] Call Trace: [ 2601.621843] [ 2601.621852] dump_stack_lvl+0xfa/0x120 [ 2601.621893] should_fail_ex+0x4d7/0x5e0 [ 2601.621938] ? ext4_init_io_end+0x27/0x180 [ 2601.621962] should_failslab+0xc2/0x120 [ 2601.621998] kmem_cache_alloc_noprof+0x5f/0x470 [ 2601.622031] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2601.622063] ext4_init_io_end+0x27/0x180 [ 2601.622087] ext4_do_writepages+0xaa4/0x3230 [ 2601.622155] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2601.622202] ? lock_is_held_type+0x9e/0x120 [ 2601.622231] ext4_writepages+0x369/0x7a0 [ 2601.622265] ? __pfx_ext4_writepages+0x10/0x10 [ 2601.622297] ? __pfx_perf_trace_lock+0x10/0x10 [ 2601.622339] ? do_writepages+0x469/0x5c0 [ 2601.622365] ? lock_release+0xc8/0x290 [ 2601.622394] ? __pfx_ext4_writepages+0x10/0x10 [ 2601.622428] do_writepages+0x244/0x5c0 [ 2601.622460] filemap_fdatawrite_wbc+0x10b/0x150 [ 2601.622491] __filemap_fdatawrite_range+0xb9/0x100 [ 2601.622524] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2601.622557] ? kasan_save_stack+0x34/0x50 [ 2601.622629] ? __create_object+0x59/0x80 [ 2601.622659] ? __kmalloc_cache_noprof+0x369/0x470 [ 2601.622685] ? __ext4_journal_stop+0xe2/0x1f0 [ 2601.622722] filemap_write_and_wait_range.part.0+0x89/0x110 [ 2601.622760] kiocb_invalidate_pages+0xe4/0x180 [ 2601.622795] __iomap_dio_rw+0xf9f/0x1cf0 [ 2601.622845] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2601.622878] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2601.622909] ? lock_release+0xc8/0x290 [ 2601.622933] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2601.622970] ? mark_held_locks+0x49/0x80 [ 2601.622998] ? kasan_quarantine_put+0x84/0x1e0 [ 2601.623064] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2601.623090] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2601.623134] iomap_dio_rw+0x40/0xa0 [ 2601.623169] ext4_file_write_iter+0xe0b/0x1990 [ 2601.623215] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2601.623242] ? __kasan_kmalloc+0x7f/0x90 [ 2601.623264] ? trace_kmalloc+0x1f/0xb0 [ 2601.623283] ? __kmalloc_noprof+0x215/0x4b0 [ 2601.623312] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2601.623349] iter_file_splice_write+0x927/0x10c0 [ 2601.623398] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2601.623460] ? lock_is_held_type+0x9e/0x120 [ 2601.623481] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2601.623523] direct_splice_actor+0x192/0x7b0 [ 2601.623555] splice_direct_to_actor+0x347/0x9d0 [ 2601.623584] ? __pfx_direct_splice_actor+0x10/0x10 [ 2601.623620] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2601.623650] ? lock_acquire+0x15e/0x2f0 [ 2601.623680] do_splice_direct+0x179/0x250 [ 2601.623706] ? __pfx_do_splice_direct+0x10/0x10 [ 2601.623733] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2601.623765] ? security_file_permission+0x22/0x90 [ 2601.623797] do_sendfile+0xa8e/0xdc0 [ 2601.623837] ? __pfx_do_sendfile+0x10/0x10 [ 2601.623868] ? __fget_files+0x20d/0x3b0 [ 2601.623912] __x64_sys_sendfile64+0x1d3/0x210 [ 2601.623937] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2601.623973] do_syscall_64+0xbf/0x360 [ 2601.624001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2601.624025] RIP: 0033:0x7f1a763a9b19 [ 2601.624043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2601.624065] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2601.624086] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2601.624102] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2601.624115] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2601.624129] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2601.624143] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2601.624180] [ 2601.634393] FAT-fs (loop0): invalid media value (0x00) [ 2601.636837] FAULT_INJECTION: forcing a failure. [ 2601.636837] name failslab, interval 1, probability 0, space 0, times 0 [ 2601.637525] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2601.643001] FAT-fs (loop6): invalid media value (0x00) [ 2601.643453] CPU: 0 UID: 0 PID: 15749 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2601.643484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2601.643496] Call Trace: [ 2601.643505] [ 2601.643524] dump_stack_lvl+0xfa/0x120 [ 2601.643554] should_fail_ex+0x4d7/0x5e0 [ 2601.643597] ? ext4_init_io_end+0x27/0x180 [ 2601.643620] should_failslab+0xc2/0x120 [ 2601.643656] kmem_cache_alloc_noprof+0x5f/0x470 [ 2601.643688] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2601.643719] ext4_init_io_end+0x27/0x180 [ 2601.643744] ext4_do_writepages+0xaa4/0x3230 [ 2601.643811] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2601.643858] ? lock_is_held_type+0x9e/0x120 [ 2601.643893] ext4_writepages+0x369/0x7a0 [ 2601.643928] ? __pfx_ext4_writepages+0x10/0x10 [ 2601.643958] ? __pfx_perf_trace_lock+0x10/0x10 [ 2601.644000] ? do_writepages+0x469/0x5c0 [ 2601.644023] ? lock_release+0xc8/0x290 [ 2601.644051] ? __pfx_ext4_writepages+0x10/0x10 [ 2601.644085] do_writepages+0x244/0x5c0 [ 2601.644119] filemap_fdatawrite_wbc+0x10b/0x150 [ 2601.644149] __filemap_fdatawrite_range+0xb9/0x100 [ 2601.644182] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2601.644215] ? kasan_save_stack+0x34/0x50 [ 2601.644287] ? __create_object+0x59/0x80 [ 2601.644316] ? __kmalloc_cache_noprof+0x369/0x470 [ 2601.644342] ? __ext4_journal_stop+0xe2/0x1f0 [ 2601.644379] filemap_write_and_wait_range.part.0+0x89/0x110 [ 2601.644416] kiocb_invalidate_pages+0xe4/0x180 [ 2601.644450] __iomap_dio_rw+0xf9f/0x1cf0 [ 2601.644500] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2601.644533] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2601.644564] ? lock_release+0xc8/0x290 [ 2601.644588] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2601.644625] ? mark_held_locks+0x49/0x80 [ 2601.644653] ? kasan_quarantine_put+0x84/0x1e0 [ 2601.644719] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2601.644746] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2601.644790] iomap_dio_rw+0x40/0xa0 [ 2601.644825] ext4_file_write_iter+0xe0b/0x1990 [ 2601.644871] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2601.644899] ? __kasan_kmalloc+0x7f/0x90 [ 2601.644921] ? trace_kmalloc+0x1f/0xb0 [ 2601.644941] ? __kmalloc_noprof+0x215/0x4b0 [ 2601.644969] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2601.645007] iter_file_splice_write+0x927/0x10c0 [ 2601.645056] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2601.645118] ? lock_is_held_type+0x9e/0x120 [ 2601.645140] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2601.645170] direct_splice_actor+0x192/0x7b0 [ 2601.645203] splice_direct_to_actor+0x347/0x9d0 [ 2601.645232] ? __pfx_direct_splice_actor+0x10/0x10 [ 2601.645267] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2601.645298] ? lock_acquire+0x15e/0x2f0 [ 2601.645327] do_splice_direct+0x179/0x250 [ 2601.645353] ? __pfx_do_splice_direct+0x10/0x10 [ 2601.645381] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2601.645412] ? security_file_permission+0x22/0x90 [ 2601.645444] do_sendfile+0xa8e/0xdc0 [ 2601.645483] ? __pfx_do_sendfile+0x10/0x10 [ 2601.645518] ? perf_trace_preemptirq_template+0x259/0x430 [ 2601.645561] __x64_sys_sendfile64+0x1d3/0x210 [ 2601.645585] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2601.645622] do_syscall_64+0xbf/0x360 [ 2601.645650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2601.645672] RIP: 0033:0x7f7b6ab9db19 [ 2601.645689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2601.645711] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2601.645732] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2601.645747] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 09:29:34 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x20000000) [ 2601.645760] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2601.645773] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2601.645786] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2601.645823] [ 2601.647832] FAULT_INJECTION: forcing a failure. [ 2601.647832] name failslab, interval 1, probability 0, space 0, times 0 [ 2601.648399] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2601.740712] CPU: 0 UID: 0 PID: 15752 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2601.740746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2601.740760] Call Trace: [ 2601.740769] [ 2601.740778] dump_stack_lvl+0xfa/0x120 [ 2601.740810] should_fail_ex+0x4d7/0x5e0 [ 2601.740853] ? jbd2__journal_start+0x193/0x6b0 [ 2601.740883] should_failslab+0xc2/0x120 [ 2601.740921] kmem_cache_alloc_noprof+0x5f/0x470 [ 2601.740951] ? lock_is_held_type+0x9e/0x120 [ 2601.740982] jbd2__journal_start+0x193/0x6b0 [ 2601.741012] __ext4_journal_start_sb+0x325/0x5d0 [ 2601.741046] ? ext4_file_write_iter+0xd74/0x1990 [ 2601.741081] ext4_file_write_iter+0xd74/0x1990 [ 2601.741127] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2601.741155] ? __kasan_kmalloc+0x7f/0x90 [ 2601.741177] ? trace_kmalloc+0x1f/0xb0 [ 2601.741197] ? __kmalloc_noprof+0x215/0x4b0 [ 2601.741226] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2601.741263] iter_file_splice_write+0x927/0x10c0 [ 2601.741312] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2601.741374] ? lock_is_held_type+0x9e/0x120 [ 2601.741394] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2601.741425] direct_splice_actor+0x192/0x7b0 [ 2601.741456] splice_direct_to_actor+0x347/0x9d0 09:29:34 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300", 0x1e}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2601.741485] ? __pfx_direct_splice_actor+0x10/0x10 [ 2601.741520] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2601.741551] ? lock_acquire+0x15e/0x2f0 [ 2601.741581] do_splice_direct+0x179/0x250 [ 2601.741607] ? __pfx_do_splice_direct+0x10/0x10 [ 2601.741635] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2601.741666] ? security_file_permission+0x22/0x90 [ 2601.741698] do_sendfile+0xa8e/0xdc0 [ 2601.741738] ? __pfx_do_sendfile+0x10/0x10 [ 2601.741769] ? __fget_files+0x20d/0x3b0 [ 2601.741812] __x64_sys_sendfile64+0x1d3/0x210 [ 2601.741836] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2601.741873] do_syscall_64+0xbf/0x360 [ 2601.741901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2601.741923] RIP: 0033:0x7fe5d2196b19 [ 2601.741942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2601.741963] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2601.741985] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2601.742000] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2601.742013] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2601.742026] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2601.742040] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2601.742077] 09:29:34 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b3000808200004000080", 0x14}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2601.779331] loop2: detected capacity change from 0 to 288 [ 2601.785553] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:29:34 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {0x0, 0x0, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2601.918085] loop6: detected capacity change from 0 to 256 [ 2601.922652] FAT-fs (loop6): invalid media value (0x00) [ 2601.923639] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2602.057538] loop0: detected capacity change from 0 to 256 [ 2602.076978] FAT-fs (loop0): bogus number of FAT sectors [ 2602.077859] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2602.087734] loop2: detected capacity change from 0 to 288 [ 2602.101391] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:29:45 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 17) 09:29:45 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300", 0x1e}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:45 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b3000808200004000080", 0x14}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:45 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 17) 09:29:45 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 13) 09:29:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x21030000) 09:29:45 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 16) 09:29:45 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {0x0, 0x0, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x38000000) [ 2612.878807] loop0: detected capacity change from 0 to 256 [ 2612.882969] loop6: detected capacity change from 0 to 256 [ 2612.895141] FAT-fs (loop0): bogus number of FAT sectors [ 2612.895814] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2612.898699] FAULT_INJECTION: forcing a failure. [ 2612.898699] name failslab, interval 1, probability 0, space 0, times 0 [ 2612.899863] CPU: 0 UID: 0 PID: 15784 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2612.899884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2612.899892] Call Trace: [ 2612.899897] [ 2612.899902] dump_stack_lvl+0xfa/0x120 [ 2612.899923] should_fail_ex+0x4d7/0x5e0 [ 2612.899949] ? ext4_init_io_end+0x27/0x180 [ 2612.899963] should_failslab+0xc2/0x120 [ 2612.899984] kmem_cache_alloc_noprof+0x5f/0x470 [ 2612.900002] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2612.900020] ext4_init_io_end+0x27/0x180 [ 2612.900033] ext4_do_writepages+0xaa4/0x3230 [ 2612.900070] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2612.900095] ? lock_is_held_type+0x9e/0x120 [ 2612.900111] ext4_writepages+0x369/0x7a0 [ 2612.900129] ? __pfx_ext4_writepages+0x10/0x10 [ 2612.900146] ? __pfx_perf_trace_lock+0x10/0x10 [ 2612.900169] ? do_writepages+0x469/0x5c0 [ 2612.900183] ? lock_release+0xc8/0x290 [ 2612.900199] ? __pfx_ext4_writepages+0x10/0x10 [ 2612.900217] do_writepages+0x244/0x5c0 [ 2612.900235] filemap_fdatawrite_wbc+0x10b/0x150 [ 2612.900252] __filemap_fdatawrite_range+0xb9/0x100 [ 2612.900270] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2612.900288] ? kasan_save_stack+0x34/0x50 [ 2612.900327] ? __create_object+0x59/0x80 [ 2612.900344] ? __kmalloc_cache_noprof+0x369/0x470 [ 2612.900359] ? __ext4_journal_stop+0xe2/0x1f0 [ 2612.900379] filemap_write_and_wait_range.part.0+0x89/0x110 [ 2612.900400] kiocb_invalidate_pages+0xe4/0x180 [ 2612.900418] __iomap_dio_rw+0xf9f/0x1cf0 [ 2612.900445] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2612.900464] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2612.900481] ? lock_release+0xc8/0x290 [ 2612.900494] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2612.900514] ? mark_held_locks+0x49/0x80 [ 2612.900529] ? kasan_quarantine_put+0x84/0x1e0 [ 2612.900565] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2612.900579] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2612.900604] iomap_dio_rw+0x40/0xa0 [ 2612.900623] ext4_file_write_iter+0xe0b/0x1990 [ 2612.900649] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2612.900664] ? __kasan_kmalloc+0x7f/0x90 [ 2612.900675] ? trace_kmalloc+0x1f/0xb0 [ 2612.900686] ? __kmalloc_noprof+0x215/0x4b0 [ 2612.900701] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2612.900722] iter_file_splice_write+0x927/0x10c0 [ 2612.900748] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2612.900782] ? lock_is_held_type+0x9e/0x120 [ 2612.900793] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2612.900809] direct_splice_actor+0x192/0x7b0 [ 2612.900826] splice_direct_to_actor+0x347/0x9d0 [ 2612.900842] ? __pfx_direct_splice_actor+0x10/0x10 [ 2612.900861] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2612.900878] ? lock_acquire+0x15e/0x2f0 [ 2612.900893] do_splice_direct+0x179/0x250 [ 2612.900908] ? __pfx_do_splice_direct+0x10/0x10 [ 2612.900923] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2612.900939] ? security_file_permission+0x22/0x90 [ 2612.900957] do_sendfile+0xa8e/0xdc0 [ 2612.900979] ? __pfx_do_sendfile+0x10/0x10 [ 2612.900998] ? perf_trace_preemptirq_template+0x259/0x430 [ 2612.901021] __x64_sys_sendfile64+0x1d3/0x210 [ 2612.901034] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2612.901057] do_syscall_64+0xbf/0x360 [ 2612.901074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2612.901087] RIP: 0033:0x7f85c6477b19 [ 2612.901097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2612.901109] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2612.901121] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2612.901129] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2612.901136] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2612.901143] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2612.901151] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2612.901171] [ 2612.931903] FAT-fs (loop6): invalid media value (0x00) [ 2612.932359] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2612.941266] loop2: detected capacity change from 0 to 288 [ 2612.972806] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:29:45 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300", 0x1e}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:45 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300", 0x1e}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x9f0a0000) [ 2613.035671] loop6: detected capacity change from 0 to 256 [ 2613.065586] FAT-fs (loop6): bogus number of FAT sectors [ 2613.066059] FAT-fs (loop6): Can't find a valid FAT filesystem 09:29:45 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800), 0x0, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2613.090419] loop0: detected capacity change from 0 to 256 09:29:45 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 18) [ 2613.110360] FAT-fs (loop0): bogus number of FAT sectors [ 2613.110869] FAT-fs (loop0): Can't find a valid FAT filesystem 09:29:45 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 17) [ 2613.215152] loop2: detected capacity change from 0 to 288 09:29:45 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300", 0x1e}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2613.224129] FAULT_INJECTION: forcing a failure. [ 2613.224129] name failslab, interval 1, probability 0, space 0, times 0 [ 2613.225989] CPU: 1 UID: 0 PID: 15799 Comm: syz-executor.4 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2613.226021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2613.226034] Call Trace: [ 2613.226042] [ 2613.226050] dump_stack_lvl+0xfa/0x120 [ 2613.226083] should_fail_ex+0x4d7/0x5e0 [ 2613.226125] ? jbd2__journal_start+0x193/0x6b0 [ 2613.226149] should_failslab+0xc2/0x120 [ 2613.226186] kmem_cache_alloc_noprof+0x5f/0x470 [ 2613.226219] ? lock_is_held_type+0x9e/0x120 [ 2613.226250] jbd2__journal_start+0x193/0x6b0 [ 2613.226280] __ext4_journal_start_sb+0x325/0x5d0 [ 2613.226313] ? ext4_iomap_begin+0x5b8/0xe80 [ 2613.226350] ext4_iomap_begin+0x5b8/0xe80 [ 2613.226400] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2613.226444] ? __create_object+0x59/0x80 [ 2613.226471] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2613.226505] iomap_iter+0x54a/0xdb0 [ 2613.226543] __iomap_dio_rw+0x6ac/0x1cf0 [ 2613.226591] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2613.226625] ? lock_release+0xc8/0x290 [ 2613.226650] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2613.226696] ? kasan_quarantine_put+0x84/0x1e0 09:29:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xf4ffffff) 09:29:45 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 18) 09:29:45 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000", 0x23}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2613.226761] ? __pfx_jbd2_journal_stop+0x10/0x10 09:29:45 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 14) [ 2613.226786] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2613.226829] iomap_dio_rw+0x40/0xa0 [ 2613.226863] ext4_file_write_iter+0xe0b/0x1990 [ 2613.226917] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2613.226944] ? __kasan_kmalloc+0x7f/0x90 [ 2613.226966] ? trace_kmalloc+0x1f/0xb0 [ 2613.226986] ? __kmalloc_noprof+0x215/0x4b0 [ 2613.227017] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2613.227055] iter_file_splice_write+0x927/0x10c0 [ 2613.227104] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2613.227165] ? lock_is_held_type+0x9e/0x120 [ 2613.227186] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2613.227216] direct_splice_actor+0x192/0x7b0 [ 2613.227248] splice_direct_to_actor+0x347/0x9d0 [ 2613.227278] ? __pfx_direct_splice_actor+0x10/0x10 [ 2613.227313] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2613.227343] ? lock_acquire+0x15e/0x2f0 [ 2613.227372] do_splice_direct+0x179/0x250 [ 2613.227399] ? __pfx_do_splice_direct+0x10/0x10 [ 2613.227426] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2613.227457] ? security_file_permission+0x22/0x90 [ 2613.227489] do_sendfile+0xa8e/0xdc0 [ 2613.227528] ? __pfx_do_sendfile+0x10/0x10 [ 2613.227559] ? __fget_files+0x20d/0x3b0 [ 2613.227602] __x64_sys_sendfile64+0x1d3/0x210 [ 2613.227626] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2613.227681] do_syscall_64+0xbf/0x360 [ 2613.227709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2613.227732] RIP: 0033:0x7f1a763a9b19 [ 2613.227749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2613.227770] RSP: 002b:00007f1a7391f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2613.227792] RAX: ffffffffffffffda RBX: 00007f1a764bcf60 RCX: 00007f1a763a9b19 [ 2613.227807] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2613.227820] RBP: 00007f1a7391f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2613.227833] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2613.227847] R13: 00007ffd1680876f R14: 00007f1a7391f300 R15: 0000000000022000 [ 2613.227884] [ 2613.280128] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2613.318764] loop0: detected capacity change from 0 to 256 [ 2613.322717] FAULT_INJECTION: forcing a failure. [ 2613.322717] name failslab, interval 1, probability 0, space 0, times 0 [ 2613.323770] CPU: 0 UID: 0 PID: 15807 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2613.323786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2613.323795] Call Trace: [ 2613.323800] [ 2613.323805] dump_stack_lvl+0xfa/0x120 [ 2613.323827] should_fail_ex+0x4d7/0x5e0 [ 2613.323855] ? jbd2__journal_start+0x193/0x6b0 [ 2613.323871] should_failslab+0xc2/0x120 [ 2613.323897] kmem_cache_alloc_noprof+0x5f/0x470 [ 2613.323915] ? lock_is_held_type+0x9e/0x120 [ 2613.323932] jbd2__journal_start+0x193/0x6b0 [ 2613.323949] __ext4_journal_start_sb+0x325/0x5d0 [ 2613.323968] ? ext4_iomap_begin+0x5b8/0xe80 [ 2613.323988] ext4_iomap_begin+0x5b8/0xe80 [ 2613.324015] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2613.324039] ? __create_object+0x59/0x80 [ 2613.324055] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2613.324073] iomap_iter+0x54a/0xdb0 [ 2613.324095] __iomap_dio_rw+0x6ac/0x1cf0 [ 2613.324121] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2613.324140] ? lock_release+0xc8/0x290 [ 2613.324156] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2613.324181] ? kasan_quarantine_put+0x84/0x1e0 [ 2613.324216] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2613.324230] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2613.324254] iomap_dio_rw+0x40/0xa0 [ 2613.324272] ext4_file_write_iter+0xe0b/0x1990 [ 2613.324297] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2613.324312] ? __kasan_kmalloc+0x7f/0x90 [ 2613.324325] ? trace_kmalloc+0x1f/0xb0 [ 2613.324336] ? __kmalloc_noprof+0x215/0x4b0 [ 2613.324351] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2613.324372] iter_file_splice_write+0x927/0x10c0 [ 2613.324398] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2613.324431] ? lock_is_held_type+0x9e/0x120 [ 2613.324442] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2613.324459] direct_splice_actor+0x192/0x7b0 [ 2613.324476] splice_direct_to_actor+0x347/0x9d0 [ 2613.324492] ? __pfx_direct_splice_actor+0x10/0x10 [ 2613.324511] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2613.324527] ? lock_acquire+0x15e/0x2f0 [ 2613.324543] do_splice_direct+0x179/0x250 [ 2613.324557] ? __pfx_do_splice_direct+0x10/0x10 [ 2613.324572] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2613.324589] ? security_file_permission+0x22/0x90 [ 2613.324607] do_sendfile+0xa8e/0xdc0 [ 2613.324629] ? __pfx_do_sendfile+0x10/0x10 [ 2613.324647] ? perf_trace_preemptirq_template+0x259/0x430 [ 2613.324671] __x64_sys_sendfile64+0x1d3/0x210 [ 2613.324684] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2613.324703] do_syscall_64+0xbf/0x360 [ 2613.324719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2613.324732] RIP: 0033:0x7f7b6ab9db19 [ 2613.324742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2613.324753] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2613.324765] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2613.324773] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2613.324781] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2613.324788] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2613.324795] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2613.324815] [ 2613.329134] loop6: detected capacity change from 0 to 256 [ 2613.331735] FAT-fs (loop0): bogus number of FAT sectors [ 2613.351693] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2613.366209] FAULT_INJECTION: forcing a failure. [ 2613.366209] name failslab, interval 1, probability 0, space 0, times 0 [ 2613.368003] CPU: 1 UID: 0 PID: 15810 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2613.368041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2613.368054] Call Trace: [ 2613.368062] [ 2613.368072] dump_stack_lvl+0xfa/0x120 [ 2613.368103] should_fail_ex+0x4d7/0x5e0 [ 2613.368146] should_failslab+0xc2/0x120 [ 2613.368190] __kmalloc_cache_noprof+0x73/0x470 [ 2613.368217] ? __ext4_journal_stop+0xe2/0x1f0 [ 2613.368249] ? ext4_file_write_iter+0xdbd/0x1990 [ 2613.368277] ? iter_file_splice_write+0x927/0x10c0 [ 2613.368303] ? direct_splice_actor+0x192/0x7b0 [ 2613.368327] ? splice_direct_to_actor+0x347/0x9d0 [ 2613.368350] ? __iomap_dio_rw+0x270/0x1cf0 [ 2613.368379] ? do_sendfile+0xa8e/0xdc0 [ 2613.368408] ? do_syscall_64+0xbf/0x360 [ 2613.368438] ? __iomap_dio_rw+0x270/0x1cf0 [ 2613.368466] __iomap_dio_rw+0x270/0x1cf0 [ 2613.368495] ? __pfx_perf_trace_lock+0x10/0x10 [ 2613.368528] ? lock_acquire+0x15e/0x2f0 [ 2613.368551] ? __virt_addr_valid+0x1c6/0x5d0 [ 2613.368589] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2613.368622] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2613.368653] ? lock_release+0xc8/0x290 [ 2613.368677] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2613.368714] ? mark_held_locks+0x49/0x80 [ 2613.368742] ? kasan_quarantine_put+0x84/0x1e0 [ 2613.368808] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2613.368834] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2613.368879] iomap_dio_rw+0x40/0xa0 [ 2613.368913] ext4_file_write_iter+0xe0b/0x1990 [ 2613.368959] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2613.368986] ? __kasan_kmalloc+0x7f/0x90 [ 2613.369008] ? trace_kmalloc+0x1f/0xb0 [ 2613.369028] ? __kmalloc_noprof+0x215/0x4b0 [ 2613.369056] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2613.369087] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2613.369123] iter_file_splice_write+0x927/0x10c0 [ 2613.369172] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2613.369233] ? lock_is_held_type+0x9e/0x120 [ 2613.369256] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2613.369286] direct_splice_actor+0x192/0x7b0 [ 2613.369318] splice_direct_to_actor+0x347/0x9d0 [ 2613.369347] ? __pfx_direct_splice_actor+0x10/0x10 [ 2613.369382] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2613.369412] ? lock_acquire+0x15e/0x2f0 [ 2613.369442] do_splice_direct+0x179/0x250 [ 2613.369468] ? __pfx_do_splice_direct+0x10/0x10 [ 2613.369495] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2613.369527] ? security_file_permission+0x22/0x90 [ 2613.369559] do_sendfile+0xa8e/0xdc0 [ 2613.369598] ? __pfx_do_sendfile+0x10/0x10 [ 2613.369628] ? __fget_files+0x20d/0x3b0 [ 2613.369673] __x64_sys_sendfile64+0x1d3/0x210 [ 2613.369697] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2613.369733] do_syscall_64+0xbf/0x360 [ 2613.369759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2613.369782] RIP: 0033:0x7fe5d2196b19 [ 2613.369800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2613.369822] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2613.369844] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2613.369858] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2613.369872] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2613.369885] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2613.369899] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2613.369936] [ 2613.455928] FAT-fs (loop6): bogus number of FAT sectors [ 2613.456743] FAT-fs (loop6): Can't find a valid FAT filesystem 09:29:45 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800), 0x0, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:45 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 19) 09:29:45 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 19) 09:29:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xf5ffffff) 09:29:45 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 15) 09:29:46 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000", 0x23}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:46 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300", 0x1e}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2613.624706] loop2: detected capacity change from 0 to 288 [ 2613.645465] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2613.646786] loop0: detected capacity change from 0 to 256 [ 2613.666260] FAT-fs (loop0): bogus number of FAT sectors [ 2613.666721] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2613.674212] loop6: detected capacity change from 0 to 256 [ 2613.698714] FAT-fs (loop6): bogus number of FAT sectors [ 2613.699606] FAT-fs (loop6): Can't find a valid FAT filesystem 09:29:46 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xfbffffff) 09:29:56 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 20) 09:29:56 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 18) 09:29:56 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xfeffffff) 09:29:56 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 16) 09:29:56 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000", 0x23}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:56 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 20) 09:29:56 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000", 0x23}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:29:56 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800), 0x0, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2623.907377] loop0: detected capacity change from 0 to 256 [ 2623.919156] FAT-fs (loop0): bogus number of FAT sectors [ 2623.919585] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2623.928781] FAULT_INJECTION: forcing a failure. [ 2623.928781] name failslab, interval 1, probability 0, space 0, times 0 [ 2623.929732] CPU: 0 UID: 0 PID: 15843 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2623.929749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2623.929757] Call Trace: [ 2623.929763] [ 2623.929768] dump_stack_lvl+0xfa/0x120 [ 2623.929788] should_fail_ex+0x4d7/0x5e0 [ 2623.929817] ? jbd2__journal_start+0x193/0x6b0 [ 2623.929831] should_failslab+0xc2/0x120 [ 2623.929851] kmem_cache_alloc_noprof+0x5f/0x470 [ 2623.929869] ? lock_is_held_type+0x9e/0x120 [ 2623.929886] jbd2__journal_start+0x193/0x6b0 [ 2623.929903] __ext4_journal_start_sb+0x325/0x5d0 [ 2623.929922] ? ext4_iomap_begin+0x5b8/0xe80 [ 2623.929943] ext4_iomap_begin+0x5b8/0xe80 [ 2623.929970] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2623.929994] ? __create_object+0x59/0x80 [ 2623.930011] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2623.930029] iomap_iter+0x54a/0xdb0 [ 2623.930051] __iomap_dio_rw+0x6ac/0x1cf0 [ 2623.930077] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2623.930096] ? lock_release+0xc8/0x290 [ 2623.930110] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2623.930135] ? kasan_quarantine_put+0x84/0x1e0 [ 2623.930170] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2623.930184] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2623.930212] iomap_dio_rw+0x40/0xa0 [ 2623.930231] ext4_file_write_iter+0xe0b/0x1990 [ 2623.930256] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2623.930271] ? __kasan_kmalloc+0x7f/0x90 [ 2623.930283] ? trace_kmalloc+0x1f/0xb0 [ 2623.930295] ? __kmalloc_noprof+0x215/0x4b0 [ 2623.930310] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2623.930330] iter_file_splice_write+0x927/0x10c0 [ 2623.930357] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2623.930390] ? lock_is_held_type+0x9e/0x120 [ 2623.930401] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2623.930418] direct_splice_actor+0x192/0x7b0 [ 2623.930436] splice_direct_to_actor+0x347/0x9d0 [ 2623.930452] ? __pfx_direct_splice_actor+0x10/0x10 [ 2623.930471] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2623.930487] ? lock_acquire+0x15e/0x2f0 [ 2623.930503] do_splice_direct+0x179/0x250 [ 2623.930517] ? __pfx_do_splice_direct+0x10/0x10 [ 2623.930532] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2623.930549] ? security_file_permission+0x22/0x90 [ 2623.930566] do_sendfile+0xa8e/0xdc0 [ 2623.930598] ? __pfx_do_sendfile+0x10/0x10 [ 2623.930619] ? perf_trace_preemptirq_template+0x259/0x430 [ 2623.930642] __x64_sys_sendfile64+0x1d3/0x210 [ 2623.930655] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2623.930674] do_syscall_64+0xbf/0x360 [ 2623.930690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2623.930703] RIP: 0033:0x7f85c6477b19 [ 2623.930712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2623.930724] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2623.930736] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2623.930744] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2623.930751] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2623.930759] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2623.930766] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2623.930785] [ 2623.933685] loop6: detected capacity change from 0 to 256 [ 2623.945072] FAULT_INJECTION: forcing a failure. [ 2623.945072] name failslab, interval 1, probability 0, space 0, times 0 [ 2623.946247] loop2: detected capacity change from 0 to 288 [ 2623.948390] FAULT_INJECTION: forcing a failure. [ 2623.948390] name failslab, interval 1, probability 0, space 0, times 0 [ 2623.948555] CPU: 0 UID: 0 PID: 15851 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2623.948572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2623.948580] Call Trace: [ 2623.948584] [ 2623.948589] dump_stack_lvl+0xfa/0x120 [ 2623.948604] should_fail_ex+0x4d7/0x5e0 [ 2623.948625] ? ext4_find_extent+0x7f5/0xa00 [ 2623.948636] should_failslab+0xc2/0x120 [ 2623.948655] __kmalloc_noprof+0xb4/0x4b0 [ 2623.948677] ext4_find_extent+0x7f5/0xa00 [ 2623.948694] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2623.948718] ? unwind_next_frame+0x3bc/0x2540 [ 2623.948740] ? do_syscall_64+0xbf/0x360 [ 2623.948754] ? perf_trace_lock_acquire+0xc9/0x700 [ 2623.948770] ? perf_trace_lock_acquire+0xc9/0x700 [ 2623.948787] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2623.948809] ? lock_acquire+0x15e/0x2f0 [ 2623.948821] ? ext4_map_blocks+0x569/0x15a0 [ 2623.948845] ? down_write+0x119/0x1f0 [ 2623.948860] ? __pfx_down_write+0x10/0x10 [ 2623.948877] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2623.948898] ext4_map_blocks+0x630/0x15a0 [ 2623.948920] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2623.948934] ? lock_is_held_type+0x9e/0x120 [ 2623.948950] ? jbd2__journal_start+0xf6/0x6b0 [ 2623.948967] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2623.948984] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2623.949000] ? ext4_iomap_begin+0x5b8/0xe80 [ 2623.949021] ext4_iomap_begin+0xa62/0xe80 [ 2623.949048] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2623.949072] ? __create_object+0x59/0x80 [ 2623.949086] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2623.949105] iomap_iter+0x54a/0xdb0 [ 2623.949126] __iomap_dio_rw+0x6ac/0x1cf0 [ 2623.949152] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2623.949170] ? lock_release+0xc8/0x290 [ 2623.949183] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2623.949208] ? kasan_quarantine_put+0x84/0x1e0 [ 2623.949243] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2623.949257] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2623.949280] iomap_dio_rw+0x40/0xa0 [ 2623.949299] ext4_file_write_iter+0xe0b/0x1990 [ 2623.949324] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2623.949339] ? __kasan_kmalloc+0x7f/0x90 [ 2623.949351] ? trace_kmalloc+0x1f/0xb0 [ 2623.949362] ? __kmalloc_noprof+0x215/0x4b0 [ 2623.949377] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2623.949397] iter_file_splice_write+0x927/0x10c0 [ 2623.949423] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2623.949457] ? lock_is_held_type+0x9e/0x120 09:29:56 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000000100", 0x26}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2623.949468] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2623.949485] direct_splice_actor+0x192/0x7b0 [ 2623.949502] splice_direct_to_actor+0x347/0x9d0 [ 2623.949517] ? __pfx_direct_splice_actor+0x10/0x10 [ 2623.949537] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2623.949553] ? lock_acquire+0x15e/0x2f0 [ 2623.949569] do_splice_direct+0x179/0x250 [ 2623.949583] ? __pfx_do_splice_direct+0x10/0x10 [ 2623.949598] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2623.949615] ? security_file_permission+0x22/0x90 [ 2623.949632] do_sendfile+0xa8e/0xdc0 [ 2623.949653] ? __pfx_do_sendfile+0x10/0x10 [ 2623.949672] ? perf_trace_preemptirq_template+0x259/0x430 [ 2623.949696] __x64_sys_sendfile64+0x1d3/0x210 [ 2623.949709] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2623.949729] do_syscall_64+0xbf/0x360 [ 2623.949744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2623.949756] RIP: 0033:0x7f7b6ab9db19 [ 2623.949764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2623.949776] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2623.949787] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2623.949795] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2623.949802] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2623.949810] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2623.949817] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2623.949837] [ 2624.010675] CPU: 1 UID: 0 PID: 15848 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2624.010699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2624.010710] Call Trace: [ 2624.010718] [ 2624.010725] dump_stack_lvl+0xfa/0x120 09:29:56 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 19) [ 2624.010752] should_fail_ex+0x4d7/0x5e0 [ 2624.010786] ? ext4_init_io_end+0x27/0x180 [ 2624.010805] should_failslab+0xc2/0x120 [ 2624.010834] kmem_cache_alloc_noprof+0x5f/0x470 [ 2624.010859] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2624.010890] ext4_init_io_end+0x27/0x180 [ 2624.010909] ext4_do_writepages+0xaa4/0x3230 [ 2624.010961] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2624.010997] ? lock_is_held_type+0x9e/0x120 [ 2624.011020] ext4_writepages+0x369/0x7a0 [ 2624.011047] ? __pfx_ext4_writepages+0x10/0x10 [ 2624.011070] ? __pfx_perf_trace_lock+0x10/0x10 [ 2624.011103] ? do_writepages+0x469/0x5c0 [ 2624.011123] ? lock_release+0xc8/0x290 [ 2624.011144] ? __pfx_ext4_writepages+0x10/0x10 [ 2624.011170] do_writepages+0x244/0x5c0 [ 2624.011196] filemap_fdatawrite_wbc+0x10b/0x150 [ 2624.011220] __filemap_fdatawrite_range+0xb9/0x100 [ 2624.011246] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2624.011271] ? kasan_save_stack+0x34/0x50 [ 2624.011327] ? __create_object+0x59/0x80 09:29:56 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 21) [ 2624.011349] ? __kmalloc_cache_noprof+0x369/0x470 [ 2624.011369] ? __ext4_journal_stop+0xe2/0x1f0 [ 2624.011397] filemap_write_and_wait_range.part.0+0x89/0x110 [ 2624.011426] kiocb_invalidate_pages+0xe4/0x180 [ 2624.011453] __iomap_dio_rw+0xf9f/0x1cf0 [ 2624.011492] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2624.011518] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2624.011542] ? lock_release+0xc8/0x290 [ 2624.011560] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2624.011588] ? mark_held_locks+0x49/0x80 [ 2624.011610] ? kasan_quarantine_put+0x84/0x1e0 [ 2624.011661] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2624.011682] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2624.011715] iomap_dio_rw+0x40/0xa0 [ 2624.011752] ext4_file_write_iter+0xe0b/0x1990 [ 2624.011788] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2624.011809] ? __kasan_kmalloc+0x7f/0x90 [ 2624.011826] ? trace_kmalloc+0x1f/0xb0 [ 2624.011841] ? __kmalloc_noprof+0x215/0x4b0 [ 2624.011863] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2624.011892] iter_file_splice_write+0x927/0x10c0 [ 2624.011930] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2624.011977] ? lock_is_held_type+0x9e/0x120 [ 2624.011993] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2624.012016] direct_splice_actor+0x192/0x7b0 [ 2624.012041] splice_direct_to_actor+0x347/0x9d0 [ 2624.012063] ? __pfx_direct_splice_actor+0x10/0x10 [ 2624.012090] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2624.012113] ? lock_acquire+0x15e/0x2f0 [ 2624.012136] do_splice_direct+0x179/0x250 [ 2624.012156] ? __pfx_do_splice_direct+0x10/0x10 [ 2624.012177] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2624.012201] ? security_file_permission+0x22/0x90 [ 2624.012226] do_sendfile+0xa8e/0xdc0 [ 2624.012257] ? __pfx_do_sendfile+0x10/0x10 [ 2624.012280] ? __fget_files+0x20d/0x3b0 [ 2624.012314] __x64_sys_sendfile64+0x1d3/0x210 [ 2624.012332] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2624.012360] do_syscall_64+0xbf/0x360 [ 2624.012382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2624.012400] RIP: 0033:0x7fe5d2196b19 [ 2624.012414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2624.012431] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2624.012448] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2624.012459] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2624.012469] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2624.012480] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2624.012490] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2624.012518] [ 2624.044811] loop0: detected capacity change from 0 to 256 [ 2624.053763] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2624.065100] FAT-fs (loop6): bogus number of FAT sectors [ 2624.065697] FAT-fs (loop6): Can't find a valid FAT filesystem 09:29:56 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) [ 2624.112705] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2624.154624] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2639.416618] loop2: detected capacity change from 0 to 288 [ 2639.419847] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:30:11 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xffffff7f) 09:30:11 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x2) 09:30:11 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 20) 09:30:11 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:11 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c", 0x26, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:11 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000", 0x23}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:11 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 22) 09:30:11 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 17) 09:30:11 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c", 0x26, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2639.462005] FAULT_INJECTION: forcing a failure. [ 2639.462005] name failslab, interval 1, probability 0, space 0, times 0 [ 2639.462943] CPU: 1 UID: 0 PID: 15874 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2639.462959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2639.462967] Call Trace: [ 2639.462972] [ 2639.462977] dump_stack_lvl+0xfa/0x120 [ 2639.463000] should_fail_ex+0x4d7/0x5e0 [ 2639.463024] ? ext4_mb_new_blocks+0x64e/0x4570 [ 2639.463041] should_failslab+0xc2/0x120 [ 2639.463061] kmem_cache_alloc_noprof+0x5f/0x470 [ 2639.463079] ? _raw_spin_unlock+0x1e/0x40 [ 2639.463096] ? __mark_inode_dirty+0x646/0xd00 [ 2639.463119] ext4_mb_new_blocks+0x64e/0x4570 [ 2639.463144] ? kasan_save_track+0x14/0x30 [ 2639.463155] ? __kasan_kmalloc+0x7f/0x90 [ 2639.463167] ? trace_kmalloc+0x1f/0xb0 [ 2639.463178] ? __kmalloc_noprof+0x215/0x4b0 [ 2639.463194] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 2639.463212] ? ext4_ext_search_right+0x2e8/0xbd0 [ 2639.463230] ? ext4_inode_to_goal_block+0x323/0x430 [ 2639.463253] ext4_ext_map_blocks+0x1c55/0x5f30 [ 2639.463276] ? unwind_next_frame+0x3bc/0x2540 [ 2639.463293] ? do_syscall_64+0xbf/0x360 [ 2639.463307] ? perf_trace_lock_acquire+0xc9/0x700 [ 2639.463322] ? perf_trace_lock_acquire+0xc9/0x700 [ 2639.463339] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2639.463361] ? lock_acquire+0x15e/0x2f0 [ 2639.463374] ? ext4_map_blocks+0x569/0x15a0 [ 2639.463399] ? __pfx_down_write+0x10/0x10 [ 2639.463412] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2639.463432] ext4_map_blocks+0x630/0x15a0 [ 2639.463454] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2639.463468] ? lock_is_held_type+0x9e/0x120 [ 2639.463484] ? jbd2__journal_start+0xf6/0x6b0 [ 2639.463501] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2639.463518] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2639.463534] ? ext4_iomap_begin+0x5b8/0xe80 [ 2639.463555] ext4_iomap_begin+0xa62/0xe80 [ 2639.463581] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2639.463605] ? __create_object+0x59/0x80 [ 2639.463620] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2639.463639] iomap_iter+0x54a/0xdb0 [ 2639.463660] __iomap_dio_rw+0x6ac/0x1cf0 [ 2639.463686] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2639.463705] ? lock_release+0xc8/0x290 [ 2639.463718] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2639.463742] ? kasan_quarantine_put+0x84/0x1e0 [ 2639.463778] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2639.463791] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2639.463815] iomap_dio_rw+0x40/0xa0 [ 2639.463834] ext4_file_write_iter+0xe0b/0x1990 [ 2639.463859] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2639.463873] ? __kasan_kmalloc+0x7f/0x90 [ 2639.463885] ? trace_kmalloc+0x1f/0xb0 [ 2639.463895] ? __kmalloc_noprof+0x215/0x4b0 [ 2639.463923] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2639.463943] iter_file_splice_write+0x927/0x10c0 [ 2639.463969] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2639.464003] ? lock_is_held_type+0x9e/0x120 [ 2639.464014] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2639.464031] direct_splice_actor+0x192/0x7b0 [ 2639.464048] splice_direct_to_actor+0x347/0x9d0 [ 2639.464064] ? __pfx_direct_splice_actor+0x10/0x10 [ 2639.464083] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2639.464099] ? lock_acquire+0x15e/0x2f0 [ 2639.464115] do_splice_direct+0x179/0x250 [ 2639.464129] ? __pfx_do_splice_direct+0x10/0x10 [ 2639.464144] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2639.464161] ? security_file_permission+0x22/0x90 [ 2639.464178] do_sendfile+0xa8e/0xdc0 [ 2639.464200] ? __pfx_do_sendfile+0x10/0x10 [ 2639.464216] ? __fget_files+0x20d/0x3b0 [ 2639.464241] __x64_sys_sendfile64+0x1d3/0x210 [ 2639.464253] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2639.464273] do_syscall_64+0xbf/0x360 [ 2639.464288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2639.464301] RIP: 0033:0x7f7b6ab9db19 [ 2639.464310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2639.464322] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2639.464334] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2639.464343] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2639.464350] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2639.464357] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2639.464364] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2639.464384] [ 2639.514660] loop0: detected capacity change from 0 to 256 [ 2639.557919] loop2: detected capacity change from 0 to 288 [ 2639.563583] FAT-fs (loop0): bogus number of FAT sectors [ 2639.564226] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2639.567532] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2639.574540] loop6: detected capacity change from 0 to 256 [ 2639.577178] FAT-fs (loop6): bogus number of FAT sectors [ 2639.577610] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2639.580620] FAULT_INJECTION: forcing a failure. [ 2639.580620] name failslab, interval 1, probability 0, space 0, times 0 [ 2639.582405] CPU: 0 UID: 0 PID: 15885 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2639.582439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2639.582454] Call Trace: [ 2639.582463] [ 2639.582473] dump_stack_lvl+0xfa/0x120 [ 2639.582509] should_fail_ex+0x4d7/0x5e0 [ 2639.582563] ? ext4_find_extent+0x7f5/0xa00 [ 2639.582587] should_failslab+0xc2/0x120 [ 2639.582629] __kmalloc_noprof+0xb4/0x4b0 [ 2639.582676] ext4_find_extent+0x7f5/0xa00 [ 2639.582712] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2639.582760] ? unwind_next_frame+0x3bc/0x2540 [ 2639.582796] ? do_syscall_64+0xbf/0x360 [ 2639.582826] ? perf_trace_lock_acquire+0xc9/0x700 [ 2639.582857] ? perf_trace_lock_acquire+0xc9/0x700 [ 2639.582893] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2639.582940] ? lock_acquire+0x15e/0x2f0 [ 2639.582966] ? ext4_map_blocks+0x569/0x15a0 [ 2639.583017] ? down_write+0x119/0x1f0 [ 2639.583045] ? __pfx_down_write+0x10/0x10 [ 2639.583071] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2639.583115] ext4_map_blocks+0x630/0x15a0 [ 2639.583161] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2639.583192] ? lock_is_held_type+0x9e/0x120 [ 2639.583226] ? jbd2__journal_start+0xf6/0x6b0 [ 2639.583261] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2639.583298] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2639.583333] ? ext4_iomap_begin+0x5b8/0xe80 [ 2639.583378] ext4_iomap_begin+0xa62/0xe80 [ 2639.583434] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2639.583485] ? __create_object+0x59/0x80 [ 2639.583515] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2639.583555] iomap_iter+0x54a/0xdb0 [ 2639.583599] __iomap_dio_rw+0x6ac/0x1cf0 [ 2639.583653] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2639.583693] ? lock_release+0xc8/0x290 [ 2639.583720] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2639.583772] ? kasan_quarantine_put+0x84/0x1e0 [ 2639.583848] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2639.583876] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2639.583942] iomap_dio_rw+0x40/0xa0 [ 2639.583982] ext4_file_write_iter+0xe0b/0x1990 [ 2639.584035] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2639.584067] ? __kasan_kmalloc+0x7f/0x90 [ 2639.584092] ? trace_kmalloc+0x1f/0xb0 [ 2639.584115] ? __kmalloc_noprof+0x215/0x4b0 [ 2639.584149] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2639.584191] iter_file_splice_write+0x927/0x10c0 [ 2639.584246] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2639.584317] ? lock_is_held_type+0x9e/0x120 [ 2639.584341] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2639.584377] direct_splice_actor+0x192/0x7b0 [ 2639.584413] splice_direct_to_actor+0x347/0x9d0 [ 2639.584447] ? __pfx_direct_splice_actor+0x10/0x10 [ 2639.584488] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2639.584523] ? lock_acquire+0x15e/0x2f0 [ 2639.584557] do_splice_direct+0x179/0x250 [ 2639.584588] ? __pfx_do_splice_direct+0x10/0x10 [ 2639.584620] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2639.584656] ? security_file_permission+0x22/0x90 [ 2639.584693] do_sendfile+0xa8e/0xdc0 [ 2639.584739] ? __pfx_do_sendfile+0x10/0x10 [ 2639.584779] ? perf_trace_preemptirq_template+0x259/0x430 [ 2639.584828] __x64_sys_sendfile64+0x1d3/0x210 [ 2639.584856] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2639.584897] do_syscall_64+0xbf/0x360 [ 2639.584928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2639.584955] RIP: 0033:0x7f85c6477b19 [ 2639.584975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2639.585000] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2639.585025] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2639.585042] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2639.585057] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2639.585072] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2639.585087] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2639.585129] 09:30:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000", 0x23}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:22 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 18) 09:30:22 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 23) 09:30:22 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 21) 09:30:22 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:22 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x3) 09:30:22 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xfffffff4) 09:30:22 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c", 0x26, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2650.513632] loop0: detected capacity change from 0 to 256 [ 2650.516119] FAT-fs (loop0): bogus number of FAT sectors [ 2650.516584] FAT-fs (loop0): Can't find a valid FAT filesystem 09:30:23 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2650.566220] loop6: detected capacity change from 0 to 256 [ 2650.566383] loop0: detected capacity change from 0 to 256 [ 2650.572495] FAT-fs (loop0): bogus number of FAT sectors [ 2650.572960] FAT-fs (loop0): Can't find a valid FAT filesystem 09:30:23 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7) [ 2650.605133] FAT-fs (loop6): bogus number of FAT sectors [ 2650.606431] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2650.618759] loop2: detected capacity change from 0 to 288 09:30:23 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xfffffff5) 09:30:23 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2650.639706] FAULT_INJECTION: forcing a failure. [ 2650.639706] name failslab, interval 1, probability 0, space 0, times 0 [ 2650.640649] CPU: 1 UID: 0 PID: 15914 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2650.640665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2650.640673] Call Trace: [ 2650.640678] [ 2650.640684] dump_stack_lvl+0xfa/0x120 [ 2650.640705] should_fail_ex+0x4d7/0x5e0 [ 2650.640731] ? ext4_find_extent+0x7f5/0xa00 [ 2650.640744] should_failslab+0xc2/0x120 [ 2650.640765] __kmalloc_noprof+0xb4/0x4b0 [ 2650.640788] ext4_find_extent+0x7f5/0xa00 [ 2650.640805] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2650.640828] ? unwind_next_frame+0x3bc/0x2540 [ 2650.640846] ? do_syscall_64+0xbf/0x360 [ 2650.640861] ? perf_trace_lock_acquire+0xc9/0x700 [ 2650.640880] ? perf_trace_lock_acquire+0xc9/0x700 [ 2650.640897] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2650.640920] ? lock_acquire+0x15e/0x2f0 [ 2650.640933] ? ext4_map_blocks+0x569/0x15a0 [ 2650.640958] ? down_write+0x119/0x1f0 [ 2650.640972] ? __pfx_down_write+0x10/0x10 [ 2650.640984] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2650.641005] ext4_map_blocks+0x630/0x15a0 [ 2650.641027] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2650.641041] ? lock_is_held_type+0x9e/0x120 [ 2650.641058] ? jbd2__journal_start+0xf6/0x6b0 [ 2650.641076] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2650.641096] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2650.641113] ? ext4_iomap_begin+0x5b8/0xe80 [ 2650.641134] ext4_iomap_begin+0xa62/0xe80 [ 2650.641161] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2650.641185] ? __create_object+0x59/0x80 [ 2650.641203] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2650.641221] iomap_iter+0x54a/0xdb0 [ 2650.641243] __iomap_dio_rw+0x6ac/0x1cf0 [ 2650.641270] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2650.641289] ? lock_release+0xc8/0x290 [ 2650.641302] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2650.641327] ? kasan_quarantine_put+0x84/0x1e0 [ 2650.641363] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2650.641377] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2650.641401] iomap_dio_rw+0x40/0xa0 [ 2650.641420] ext4_file_write_iter+0xe0b/0x1990 [ 2650.641445] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2650.641461] ? __kasan_kmalloc+0x7f/0x90 [ 2650.641473] ? trace_kmalloc+0x1f/0xb0 [ 2650.641484] ? __kmalloc_noprof+0x215/0x4b0 [ 2650.641499] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2650.641520] iter_file_splice_write+0x927/0x10c0 [ 2650.641546] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2650.641580] ? lock_is_held_type+0x9e/0x120 [ 2650.641592] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2650.641608] direct_splice_actor+0x192/0x7b0 [ 2650.641625] splice_direct_to_actor+0x347/0x9d0 [ 2650.641641] ? __pfx_direct_splice_actor+0x10/0x10 [ 2650.641660] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2650.641677] ? lock_acquire+0x15e/0x2f0 [ 2650.641693] do_splice_direct+0x179/0x250 [ 2650.641707] ? __pfx_do_splice_direct+0x10/0x10 [ 2650.641722] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2650.641740] ? security_file_permission+0x22/0x90 [ 2650.641757] do_sendfile+0xa8e/0xdc0 [ 2650.641780] ? __pfx_do_sendfile+0x10/0x10 [ 2650.641796] ? __fget_files+0x20d/0x3b0 [ 2650.641821] __x64_sys_sendfile64+0x1d3/0x210 [ 2650.641835] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2650.641854] do_syscall_64+0xbf/0x360 [ 2650.641869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2650.641881] RIP: 0033:0x7f85c6477b19 [ 2650.641891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2650.641904] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2650.641916] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2650.641924] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2650.641931] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2650.641938] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2650.641946] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2650.641966] [ 2650.672069] FAULT_INJECTION: forcing a failure. [ 2650.672069] name failslab, interval 1, probability 0, space 0, times 0 [ 2650.673924] CPU: 0 UID: 0 PID: 15915 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2650.673958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2650.673972] Call Trace: [ 2650.673981] [ 2650.673991] dump_stack_lvl+0xfa/0x120 [ 2650.674025] should_fail_ex+0x4d7/0x5e0 [ 2650.674072] ? jbd2__journal_start+0x193/0x6b0 [ 2650.674097] should_failslab+0xc2/0x120 [ 2650.674137] kmem_cache_alloc_noprof+0x5f/0x470 [ 2650.674171] ? lock_is_held_type+0x9e/0x120 [ 2650.674203] jbd2__journal_start+0x193/0x6b0 [ 2650.674235] __ext4_journal_start_sb+0x325/0x5d0 [ 2650.674272] ? ext4_iomap_begin+0x5b8/0xe80 [ 2650.674312] ext4_iomap_begin+0x5b8/0xe80 [ 2650.674371] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2650.674419] ? __create_object+0x59/0x80 [ 2650.674459] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2650.674515] iomap_iter+0x54a/0xdb0 [ 2650.674561] __iomap_dio_rw+0x6ac/0x1cf0 [ 2650.674612] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2650.674648] ? lock_release+0xc8/0x290 [ 2650.674676] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2650.674724] ? kasan_quarantine_put+0x84/0x1e0 [ 2650.674792] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2650.674820] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2650.674866] iomap_dio_rw+0x40/0xa0 [ 2650.674912] ext4_file_write_iter+0xe0b/0x1990 [ 2650.674960] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2650.674991] ? __kasan_kmalloc+0x7f/0x90 [ 2650.675015] ? trace_kmalloc+0x1f/0xb0 [ 2650.675037] ? __kmalloc_noprof+0x215/0x4b0 [ 2650.675068] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2650.675108] iter_file_splice_write+0x927/0x10c0 [ 2650.675159] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2650.675224] ? lock_is_held_type+0x9e/0x120 [ 2650.675246] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2650.675280] direct_splice_actor+0x192/0x7b0 [ 2650.675315] splice_direct_to_actor+0x347/0x9d0 [ 2650.675347] ? __pfx_direct_splice_actor+0x10/0x10 [ 2650.675389] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2650.675422] ? lock_acquire+0x15e/0x2f0 [ 2650.675468] do_splice_direct+0x179/0x250 [ 2650.675501] ? __pfx_do_splice_direct+0x10/0x10 [ 2650.675530] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2650.675564] ? security_file_permission+0x22/0x90 [ 2650.675597] do_sendfile+0xa8e/0xdc0 [ 2650.675639] ? __pfx_do_sendfile+0x10/0x10 [ 2650.675672] ? __fget_files+0x20d/0x3b0 [ 2650.675719] __x64_sys_sendfile64+0x1d3/0x210 [ 2650.675744] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2650.675782] do_syscall_64+0xbf/0x360 [ 2650.675812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2650.675837] RIP: 0033:0x7fe5d2196b19 [ 2650.675857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2650.675880] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2650.675903] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2650.675919] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2650.675933] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2650.675948] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2650.675962] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2650.676000] [ 2650.765346] loop0: detected capacity change from 0 to 256 [ 2650.777944] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2650.794651] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:30:23 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 22) 09:30:23 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000000100", 0x26}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:23 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 19) 09:30:23 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xfffffffb) [ 2650.909719] FAULT_INJECTION: forcing a failure. [ 2650.909719] name failslab, interval 1, probability 0, space 0, times 0 [ 2650.910690] CPU: 1 UID: 0 PID: 15930 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2650.910707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2650.910715] Call Trace: [ 2650.910720] [ 2650.910725] dump_stack_lvl+0xfa/0x120 [ 2650.910746] should_fail_ex+0x4d7/0x5e0 [ 2650.910775] ? ext4_mb_new_blocks+0x64e/0x4570 [ 2650.910793] should_failslab+0xc2/0x120 [ 2650.910814] kmem_cache_alloc_noprof+0x5f/0x470 [ 2650.910831] ? _raw_spin_unlock+0x1e/0x40 [ 2650.910849] ? __mark_inode_dirty+0x646/0xd00 [ 2650.910876] ext4_mb_new_blocks+0x64e/0x4570 [ 2650.910901] ? kasan_save_track+0x14/0x30 [ 2650.910913] ? __kasan_kmalloc+0x7f/0x90 [ 2650.910926] ? trace_kmalloc+0x1f/0xb0 [ 2650.910937] ? __kmalloc_noprof+0x215/0x4b0 [ 2650.910954] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 2650.910972] ? ext4_ext_search_right+0x2e8/0xbd0 [ 2650.910992] ? ext4_inode_to_goal_block+0x323/0x430 [ 2650.911015] ext4_ext_map_blocks+0x1c55/0x5f30 [ 2650.911039] ? unwind_next_frame+0x3bc/0x2540 [ 2650.911057] ? do_syscall_64+0xbf/0x360 [ 2650.911072] ? perf_trace_lock_acquire+0xc9/0x700 [ 2650.911087] ? perf_trace_lock_acquire+0xc9/0x700 [ 2650.911104] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2650.911127] ? lock_acquire+0x15e/0x2f0 [ 2650.911139] ? ext4_map_blocks+0x569/0x15a0 [ 2650.911166] ? __pfx_down_write+0x10/0x10 [ 2650.911178] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2650.911200] ext4_map_blocks+0x630/0x15a0 [ 2650.911222] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2650.911236] ? lock_is_held_type+0x9e/0x120 [ 2650.911253] ? jbd2__journal_start+0xf6/0x6b0 [ 2650.911270] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2650.911287] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2650.911303] ? ext4_iomap_begin+0x5b8/0xe80 [ 2650.911324] ext4_iomap_begin+0xa62/0xe80 [ 2650.911351] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2650.911375] ? __create_object+0x59/0x80 [ 2650.911395] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2650.911414] iomap_iter+0x54a/0xdb0 [ 2650.911435] __iomap_dio_rw+0x6ac/0x1cf0 [ 2650.911461] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2650.911481] ? lock_release+0xc8/0x290 [ 2650.911494] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2650.911519] ? kasan_quarantine_put+0x84/0x1e0 [ 2650.911555] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2650.911569] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2650.911593] iomap_dio_rw+0x40/0xa0 [ 2650.911611] ext4_file_write_iter+0xe0b/0x1990 [ 2650.911637] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2650.911652] ? __kasan_kmalloc+0x7f/0x90 [ 2650.911664] ? trace_kmalloc+0x1f/0xb0 [ 2650.911674] ? __kmalloc_noprof+0x215/0x4b0 [ 2650.911690] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2650.911710] iter_file_splice_write+0x927/0x10c0 [ 2650.911737] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2650.911771] ? lock_is_held_type+0x9e/0x120 [ 2650.911782] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2650.911799] direct_splice_actor+0x192/0x7b0 [ 2650.911816] splice_direct_to_actor+0x347/0x9d0 [ 2650.911833] ? __pfx_direct_splice_actor+0x10/0x10 [ 2650.911852] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2650.911869] ? lock_acquire+0x15e/0x2f0 [ 2650.911885] do_splice_direct+0x179/0x250 [ 2650.911899] ? __pfx_do_splice_direct+0x10/0x10 [ 2650.911914] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2650.911931] ? security_file_permission+0x22/0x90 [ 2650.911949] do_sendfile+0xa8e/0xdc0 [ 2650.911971] ? __pfx_do_sendfile+0x10/0x10 [ 2650.911988] ? __fget_files+0x20d/0x3b0 [ 2650.912012] __x64_sys_sendfile64+0x1d3/0x210 [ 2650.912100] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2650.912119] do_syscall_64+0xbf/0x360 [ 2650.912133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2650.912145] RIP: 0033:0x7f85c6477b19 [ 2650.912153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2650.912166] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2650.912177] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2650.912185] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2650.912192] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2650.912199] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2650.912206] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2650.912225] 09:30:23 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 24) 09:30:23 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffff", 0x39, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:23 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2650.990218] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2651.050771] loop6: detected capacity change from 0 to 256 09:30:23 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8) 09:30:23 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 23) 09:30:23 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 20) [ 2651.107420] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2651.126604] FAULT_INJECTION: forcing a failure. [ 2651.126604] name failslab, interval 1, probability 0, space 0, times 0 [ 2651.127638] CPU: 1 UID: 0 PID: 15937 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2651.127655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2651.127663] Call Trace: [ 2651.127667] [ 2651.127673] dump_stack_lvl+0xfa/0x120 [ 2651.127693] should_fail_ex+0x4d7/0x5e0 [ 2651.127719] ? ext4_find_extent+0x7f5/0xa00 [ 2651.127732] should_failslab+0xc2/0x120 [ 2651.127752] __kmalloc_noprof+0xb4/0x4b0 [ 2651.127775] ext4_find_extent+0x7f5/0xa00 [ 2651.127792] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2651.127815] ? unwind_next_frame+0x3bc/0x2540 [ 2651.127833] ? do_syscall_64+0xbf/0x360 [ 2651.127848] ? perf_trace_lock_acquire+0xc9/0x700 [ 2651.127863] ? perf_trace_lock_acquire+0xc9/0x700 [ 2651.127884] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2651.127907] ? lock_acquire+0x15e/0x2f0 [ 2651.127920] ? ext4_map_blocks+0x569/0x15a0 [ 2651.127945] ? down_write+0x119/0x1f0 [ 2651.127959] ? __pfx_down_write+0x10/0x10 [ 2651.127970] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2651.127992] ext4_map_blocks+0x630/0x15a0 [ 2651.128014] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2651.128034] ? lock_is_held_type+0x9e/0x120 [ 2651.128051] ? jbd2__journal_start+0xf6/0x6b0 [ 2651.128069] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2651.128086] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2651.128103] ? ext4_iomap_begin+0x5b8/0xe80 [ 2651.128124] ext4_iomap_begin+0xa62/0xe80 [ 2651.128151] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2651.128175] ? __create_object+0x59/0x80 [ 2651.128192] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2651.128210] iomap_iter+0x54a/0xdb0 [ 2651.128232] __iomap_dio_rw+0x6ac/0x1cf0 [ 2651.128258] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2651.128277] ? lock_release+0xc8/0x290 [ 2651.128290] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2651.128315] ? kasan_quarantine_put+0x84/0x1e0 [ 2651.128351] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2651.128365] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2651.128389] iomap_dio_rw+0x40/0xa0 [ 2651.128408] ext4_file_write_iter+0xe0b/0x1990 [ 2651.128433] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2651.128448] ? __kasan_kmalloc+0x7f/0x90 [ 2651.128460] ? trace_kmalloc+0x1f/0xb0 [ 2651.128471] ? __kmalloc_noprof+0x215/0x4b0 [ 2651.128486] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2651.128507] iter_file_splice_write+0x927/0x10c0 [ 2651.128534] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2651.128568] ? lock_is_held_type+0x9e/0x120 [ 2651.128579] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2651.128596] direct_splice_actor+0x192/0x7b0 [ 2651.128613] splice_direct_to_actor+0x347/0x9d0 [ 2651.128629] ? __pfx_direct_splice_actor+0x10/0x10 [ 2651.128648] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2651.128664] ? lock_acquire+0x15e/0x2f0 [ 2651.128680] do_splice_direct+0x179/0x250 [ 2651.128694] ? __pfx_do_splice_direct+0x10/0x10 [ 2651.128709] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2651.128726] ? security_file_permission+0x22/0x90 [ 2651.128744] do_sendfile+0xa8e/0xdc0 [ 2651.128766] ? __pfx_do_sendfile+0x10/0x10 [ 2651.128783] ? __fget_files+0x20d/0x3b0 [ 2651.128808] __x64_sys_sendfile64+0x1d3/0x210 [ 2651.128821] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2651.128841] do_syscall_64+0xbf/0x360 [ 2651.128855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2651.128868] RIP: 0033:0x7fe5d2196b19 [ 2651.128877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2651.128889] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2651.128901] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2651.128909] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2651.128916] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2651.128923] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2651.128930] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2651.128951] 09:30:23 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xfffffffe) [ 2651.188732] FAULT_INJECTION: forcing a failure. [ 2651.188732] name failslab, interval 1, probability 0, space 0, times 0 [ 2651.189683] CPU: 1 UID: 0 PID: 15938 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2651.189699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2651.189706] Call Trace: [ 2651.189710] [ 2651.189715] dump_stack_lvl+0xfa/0x120 [ 2651.189731] should_fail_ex+0x4d7/0x5e0 [ 2651.189753] ? ext4_mb_new_blocks+0x244c/0x4570 [ 2651.189770] should_failslab+0xc2/0x120 [ 2651.189789] kmem_cache_alloc_noprof+0x5f/0x470 [ 2651.189805] ? _raw_spin_unlock+0x1e/0x40 [ 2651.189827] ext4_mb_new_blocks+0x244c/0x4570 [ 2651.189852] ? kasan_save_track+0x14/0x30 [ 2651.189863] ? __kasan_kmalloc+0x7f/0x90 [ 2651.189879] ? trace_kmalloc+0x1f/0xb0 [ 2651.189890] ? __kmalloc_noprof+0x215/0x4b0 [ 2651.189907] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 2651.189925] ? ext4_ext_search_right+0x2e8/0xbd0 [ 2651.189943] ? ext4_inode_to_goal_block+0x323/0x430 [ 2651.189967] ext4_ext_map_blocks+0x1c55/0x5f30 [ 2651.189990] ? unwind_next_frame+0x3bc/0x2540 [ 2651.190007] ? do_syscall_64+0xbf/0x360 [ 2651.190021] ? perf_trace_lock_acquire+0xc9/0x700 [ 2651.190035] ? perf_trace_lock_acquire+0xc9/0x700 [ 2651.190051] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2651.190074] ? lock_acquire+0x15e/0x2f0 [ 2651.190086] ? ext4_map_blocks+0x569/0x15a0 [ 2651.190112] ? __pfx_down_write+0x10/0x10 [ 2651.190124] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2651.190145] ext4_map_blocks+0x630/0x15a0 [ 2651.190167] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2651.190181] ? lock_is_held_type+0x9e/0x120 [ 2651.190197] ? jbd2__journal_start+0xf6/0x6b0 [ 2651.190213] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2651.190230] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2651.190246] ? ext4_iomap_begin+0x5b8/0xe80 [ 2651.190267] ext4_iomap_begin+0xa62/0xe80 [ 2651.190294] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2651.190318] ? __create_object+0x59/0x80 [ 2651.190333] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2651.190351] iomap_iter+0x54a/0xdb0 [ 2651.190372] __iomap_dio_rw+0x6ac/0x1cf0 [ 2651.190398] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2651.190416] ? lock_release+0xc8/0x290 [ 2651.190429] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2651.190453] ? kasan_quarantine_put+0x84/0x1e0 [ 2651.190489] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2651.190503] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2651.190527] iomap_dio_rw+0x40/0xa0 [ 2651.190546] ext4_file_write_iter+0xe0b/0x1990 [ 2651.190571] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2651.190586] ? __kasan_kmalloc+0x7f/0x90 [ 2651.190598] ? trace_kmalloc+0x1f/0xb0 [ 2651.190608] ? __kmalloc_noprof+0x215/0x4b0 [ 2651.190624] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2651.190644] iter_file_splice_write+0x927/0x10c0 [ 2651.190670] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2651.190704] ? lock_is_held_type+0x9e/0x120 [ 2651.190715] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2651.190732] direct_splice_actor+0x192/0x7b0 [ 2651.190749] splice_direct_to_actor+0x347/0x9d0 [ 2651.190765] ? __pfx_direct_splice_actor+0x10/0x10 [ 2651.190784] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2651.190800] ? lock_acquire+0x15e/0x2f0 [ 2651.190816] do_splice_direct+0x179/0x250 [ 2651.190830] ? __pfx_do_splice_direct+0x10/0x10 [ 2651.190845] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2651.190862] ? security_file_permission+0x22/0x90 [ 2651.190879] do_sendfile+0xa8e/0xdc0 [ 2651.190900] ? __pfx_do_sendfile+0x10/0x10 [ 2651.190917] ? __fget_files+0x20d/0x3b0 [ 2651.190941] __x64_sys_sendfile64+0x1d3/0x210 [ 2651.190954] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2651.190974] do_syscall_64+0xbf/0x360 [ 2651.190988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2651.191000] RIP: 0033:0x7f7b6ab9db19 [ 2651.191010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2651.191021] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2651.191033] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2651.191041] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2651.191048] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2651.191056] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2651.191063] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2651.191083] [ 2651.204135] loop0: detected capacity change from 0 to 256 [ 2651.217649] loop2: detected capacity change from 0 to 288 [ 2651.235209] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2651.282832] FAT-fs (loop0): bogus number of FAT sectors [ 2651.283434] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2651.295202] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:30:35 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 24) 09:30:35 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:35 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x102) 09:30:35 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x8000000000000) 09:30:35 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 25) 09:30:35 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 21) 09:30:35 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffff", 0x39, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:35 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2663.590453] loop0: detected capacity change from 0 to 256 [ 2663.593130] loop2: detected capacity change from 0 to 288 [ 2663.598499] loop6: detected capacity change from 0 to 256 [ 2663.608733] FAT-fs (loop0): bogus number of FAT sectors [ 2663.609638] FAT-fs (loop0): Can't find a valid FAT filesystem [ 2663.611302] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2663.645053] FAULT_INJECTION: forcing a failure. [ 2663.645053] name failslab, interval 1, probability 0, space 0, times 0 [ 2663.649860] CPU: 1 UID: 0 PID: 15972 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2663.649904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2663.649919] Call Trace: [ 2663.649929] [ 2663.649939] dump_stack_lvl+0xfa/0x120 [ 2663.649975] should_fail_ex+0x4d7/0x5e0 [ 2663.650023] ? ext4_mb_new_blocks+0x244c/0x4570 [ 2663.650057] should_failslab+0xc2/0x120 [ 2663.650097] kmem_cache_alloc_noprof+0x5f/0x470 [ 2663.650132] ? _raw_spin_unlock+0x1e/0x40 [ 2663.650177] ext4_mb_new_blocks+0x244c/0x4570 [ 2663.650231] ? kasan_save_track+0x14/0x30 [ 2663.650255] ? __kasan_kmalloc+0x7f/0x90 [ 2663.650279] ? trace_kmalloc+0x1f/0xb0 [ 2663.650301] ? __kmalloc_noprof+0x215/0x4b0 [ 2663.650336] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 2663.650373] ? ext4_ext_search_right+0x2e8/0xbd0 [ 2663.650411] ? ext4_inode_to_goal_block+0x323/0x430 [ 2663.650458] ext4_ext_map_blocks+0x1c55/0x5f30 [ 2663.650506] ? unwind_next_frame+0x3bc/0x2540 [ 2663.650540] ? do_syscall_64+0xbf/0x360 [ 2663.650570] ? perf_trace_lock_acquire+0xc9/0x700 [ 2663.650600] ? perf_trace_lock_acquire+0xc9/0x700 [ 2663.650635] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2663.650682] ? lock_acquire+0x15e/0x2f0 [ 2663.650706] ? ext4_map_blocks+0x569/0x15a0 [ 2663.650760] ? __pfx_down_write+0x10/0x10 [ 2663.650786] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2663.650829] ext4_map_blocks+0x630/0x15a0 [ 2663.650874] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2663.650903] ? lock_is_held_type+0x9e/0x120 [ 2663.650937] ? jbd2__journal_start+0xf6/0x6b0 [ 2663.650972] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2663.651006] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2663.651040] ? ext4_iomap_begin+0x5b8/0xe80 [ 2663.651084] ext4_iomap_begin+0xa62/0xe80 [ 2663.651140] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2663.651190] ? __create_object+0x59/0x80 [ 2663.651221] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2663.651260] iomap_iter+0x54a/0xdb0 [ 2663.651303] __iomap_dio_rw+0x6ac/0x1cf0 [ 2663.651358] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2663.651396] ? lock_release+0xc8/0x290 [ 2663.651422] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2663.651474] ? kasan_quarantine_put+0x84/0x1e0 [ 2663.651547] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2663.651575] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2663.651624] iomap_dio_rw+0x40/0xa0 [ 2663.651663] ext4_file_write_iter+0xe0b/0x1990 [ 2663.651715] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2663.651745] ? __kasan_kmalloc+0x7f/0x90 [ 2663.651770] ? trace_kmalloc+0x1f/0xb0 [ 2663.651791] ? __kmalloc_noprof+0x215/0x4b0 [ 2663.651824] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2663.651865] iter_file_splice_write+0x927/0x10c0 [ 2663.651920] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2663.651990] ? lock_is_held_type+0x9e/0x120 [ 2663.652013] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2663.652048] direct_splice_actor+0x192/0x7b0 [ 2663.652085] splice_direct_to_actor+0x347/0x9d0 [ 2663.652117] ? __pfx_direct_splice_actor+0x10/0x10 [ 2663.652170] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2663.652204] ? lock_acquire+0x15e/0x2f0 [ 2663.652237] do_splice_direct+0x179/0x250 [ 2663.652266] ? __pfx_do_splice_direct+0x10/0x10 [ 2663.652297] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2663.652332] ? security_file_permission+0x22/0x90 [ 2663.652368] do_sendfile+0xa8e/0xdc0 [ 2663.652412] ? __pfx_do_sendfile+0x10/0x10 [ 2663.652446] ? __fget_files+0x20d/0x3b0 [ 2663.652496] __x64_sys_sendfile64+0x1d3/0x210 [ 2663.652522] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2663.652564] do_syscall_64+0xbf/0x360 [ 2663.652594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2663.652619] RIP: 0033:0x7f85c6477b19 [ 2663.652639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2663.652663] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2663.652687] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2663.652704] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2663.652720] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2663.652736] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2663.652753] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2663.652795] 09:30:36 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2663.735000] FAT-fs (loop6): bogus number of FAT sectors [ 2663.737077] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2663.832628] loop0: detected capacity change from 0 to 256 [ 2663.854073] FAT-fs (loop0): bogus number of FAT sectors [ 2663.854684] FAT-fs (loop0): Can't find a valid FAT filesystem 09:30:48 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x321) 09:30:48 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffff", 0x39, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:48 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 22) 09:30:48 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 26) 09:30:48 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:48 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 25) 09:30:48 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:48 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x100000000000000) [ 2675.856938] loop6: detected capacity change from 0 to 256 [ 2675.859237] loop0: detected capacity change from 0 to 256 [ 2675.869371] FAULT_INJECTION: forcing a failure. [ 2675.869371] name failslab, interval 1, probability 0, space 0, times 0 [ 2675.870461] CPU: 0 UID: 0 PID: 15999 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2675.870477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2675.870485] Call Trace: [ 2675.870490] [ 2675.870495] dump_stack_lvl+0xfa/0x120 [ 2675.870516] should_fail_ex+0x4d7/0x5e0 [ 2675.870542] ? __es_insert_extent+0xed2/0x1370 [ 2675.870556] should_failslab+0xc2/0x120 [ 2675.870577] kmem_cache_alloc_noprof+0x5f/0x470 [ 2675.870594] ? __pfx___es_remove_extent+0x10/0x10 [ 2675.870608] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2675.870627] __es_insert_extent+0xed2/0x1370 [ 2675.870652] ext4_es_insert_extent+0x4d0/0x1100 [ 2675.870674] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2675.870688] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 2675.870708] ? percpu_counter_add_batch+0x126/0x240 [ 2675.870728] ? find_held_lock+0x2b/0x80 [ 2675.870748] ? lock_release+0xc8/0x290 [ 2675.870762] ? do_raw_read_unlock+0x44/0xe0 [ 2675.870779] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2675.870800] ext4_map_blocks+0x815/0x15a0 [ 2675.870823] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2675.870837] ? lock_is_held_type+0x9e/0x120 [ 2675.870853] ? jbd2__journal_start+0xf6/0x6b0 [ 2675.870875] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2675.870895] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2675.870912] ? ext4_iomap_begin+0x5b8/0xe80 [ 2675.870933] ext4_iomap_begin+0xa62/0xe80 [ 2675.870960] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2675.870984] ? __create_object+0x59/0x80 [ 2675.870999] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2675.871018] iomap_iter+0x54a/0xdb0 [ 2675.871040] __iomap_dio_rw+0x6ac/0x1cf0 [ 2675.871066] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2675.871086] ? lock_release+0xc8/0x290 [ 2675.871099] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2675.871124] ? kasan_quarantine_put+0x84/0x1e0 [ 2675.871159] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2675.871173] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2675.871197] iomap_dio_rw+0x40/0xa0 [ 2675.871216] ext4_file_write_iter+0xe0b/0x1990 [ 2675.871241] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2675.871256] ? __kasan_kmalloc+0x7f/0x90 [ 2675.871269] ? trace_kmalloc+0x1f/0xb0 [ 2675.871280] ? __kmalloc_noprof+0x215/0x4b0 [ 2675.871295] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2675.871316] iter_file_splice_write+0x927/0x10c0 [ 2675.871342] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2675.871376] ? lock_is_held_type+0x9e/0x120 [ 2675.871388] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2675.871404] direct_splice_actor+0x192/0x7b0 [ 2675.871421] splice_direct_to_actor+0x347/0x9d0 [ 2675.871437] ? __pfx_direct_splice_actor+0x10/0x10 [ 2675.871457] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2675.871473] ? lock_acquire+0x15e/0x2f0 [ 2675.871489] do_splice_direct+0x179/0x250 [ 2675.871504] ? __pfx_do_splice_direct+0x10/0x10 [ 2675.871518] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2675.871536] ? security_file_permission+0x22/0x90 [ 2675.871554] do_sendfile+0xa8e/0xdc0 [ 2675.871576] ? __pfx_do_sendfile+0x10/0x10 [ 2675.871595] ? perf_trace_preemptirq_template+0x259/0x430 [ 2675.871618] __x64_sys_sendfile64+0x1d3/0x210 [ 2675.871632] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2675.871652] do_syscall_64+0xbf/0x360 [ 2675.871668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2675.871681] RIP: 0033:0x7f7b6ab9db19 [ 2675.871691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2675.871702] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2675.871714] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2675.871722] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2675.871730] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2675.871737] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2675.871747] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2675.871770] [ 2675.911273] loop2: detected capacity change from 0 to 288 [ 2675.912911] FAT-fs (loop6): bogus number of FAT sectors [ 2675.913329] FAT-fs (loop6): Can't find a valid FAT filesystem 09:30:48 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2675.952779] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:30:48 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:48 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x400000000000000) [ 2676.003522] loop0: detected capacity change from 0 to 256 09:30:48 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff4649", 0x42, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2676.086238] loop6: detected capacity change from 0 to 256 [ 2676.103157] FAT-fs (loop6): bogus number of FAT sectors [ 2676.103591] FAT-fs (loop6): Can't find a valid FAT filesystem 09:30:48 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:48 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x4000) [ 2676.157615] loop2: detected capacity change from 0 to 288 [ 2676.173236] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:30:48 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 26) 09:30:48 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x1000000000000000) [ 2676.213765] loop0: detected capacity change from 0 to 256 09:30:48 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 27) 09:30:48 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:48 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 23) 09:30:48 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:48 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff4649", 0x42, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:30:48 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x2000000000000000) [ 2676.349051] loop6: detected capacity change from 0 to 256 [ 2676.353701] loop0: detected capacity change from 0 to 256 [ 2676.361513] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2676.363166] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2676.431822] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2676.464209] loop2: detected capacity change from 0 to 288 [ 2676.488759] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:00 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 27) 09:31:00 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 24) 09:31:00 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x2103000000000000) 09:31:00 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:00 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:00 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff4649", 0x42, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:00 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 28) 09:31:00 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb310) [ 2687.970571] loop6: detected capacity change from 0 to 256 [ 2687.977495] FAT-fs (loop6): bogus number of FAT sectors [ 2687.977975] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2687.994396] loop2: detected capacity change from 0 to 288 09:31:00 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2688.008533] loop0: detected capacity change from 0 to 256 [ 2688.016326] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2688.028002] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2688.051605] FAULT_INJECTION: forcing a failure. [ 2688.051605] name failslab, interval 1, probability 0, space 0, times 0 [ 2688.052573] CPU: 0 UID: 0 PID: 16059 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2688.052590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2688.052597] Call Trace: [ 2688.052603] [ 2688.052608] dump_stack_lvl+0xfa/0x120 [ 2688.052629] should_fail_ex+0x4d7/0x5e0 [ 2688.052654] ? ext4_mb_new_blocks+0x244c/0x4570 [ 2688.052672] should_failslab+0xc2/0x120 [ 2688.052693] kmem_cache_alloc_noprof+0x5f/0x470 [ 2688.052713] ? _raw_spin_unlock+0x1e/0x40 [ 2688.052738] ext4_mb_new_blocks+0x244c/0x4570 [ 2688.052763] ? kasan_save_track+0x14/0x30 [ 2688.052775] ? __kasan_kmalloc+0x7f/0x90 [ 2688.052791] ? trace_kmalloc+0x1f/0xb0 [ 2688.052802] ? __kmalloc_noprof+0x215/0x4b0 [ 2688.052819] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 2688.052837] ? ext4_ext_search_right+0x2e8/0xbd0 [ 2688.052856] ? ext4_inode_to_goal_block+0x323/0x430 [ 2688.052883] ext4_ext_map_blocks+0x1c55/0x5f30 [ 2688.052906] ? unwind_next_frame+0x3bc/0x2540 [ 2688.052924] ? do_syscall_64+0xbf/0x360 [ 2688.052938] ? perf_trace_lock_acquire+0xc9/0x700 [ 2688.052953] ? perf_trace_lock_acquire+0xc9/0x700 [ 2688.052970] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2688.052992] ? lock_acquire+0x15e/0x2f0 [ 2688.053005] ? ext4_map_blocks+0x569/0x15a0 [ 2688.053032] ? __pfx_down_write+0x10/0x10 [ 2688.053044] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2688.053065] ext4_map_blocks+0x630/0x15a0 [ 2688.053086] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2688.053101] ? lock_is_held_type+0x9e/0x120 [ 2688.053117] ? jbd2__journal_start+0xf6/0x6b0 [ 2688.053135] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2688.053151] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2688.053167] ? ext4_iomap_begin+0x5b8/0xe80 [ 2688.053188] ext4_iomap_begin+0xa62/0xe80 [ 2688.053215] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2688.053239] ? __create_object+0x59/0x80 [ 2688.053254] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2688.053273] iomap_iter+0x54a/0xdb0 [ 2688.053295] __iomap_dio_rw+0x6ac/0x1cf0 [ 2688.053321] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2688.053340] ? lock_release+0xc8/0x290 [ 2688.053353] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2688.053377] ? kasan_quarantine_put+0x84/0x1e0 [ 2688.053413] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2688.053427] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2688.053451] iomap_dio_rw+0x40/0xa0 [ 2688.053469] ext4_file_write_iter+0xe0b/0x1990 [ 2688.053494] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2688.053509] ? __kasan_kmalloc+0x7f/0x90 [ 2688.053521] ? trace_kmalloc+0x1f/0xb0 [ 2688.053532] ? __kmalloc_noprof+0x215/0x4b0 [ 2688.053547] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2688.053568] iter_file_splice_write+0x927/0x10c0 [ 2688.053594] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2688.053628] ? lock_is_held_type+0x9e/0x120 [ 2688.053640] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2688.053656] direct_splice_actor+0x192/0x7b0 [ 2688.053673] splice_direct_to_actor+0x347/0x9d0 [ 2688.053689] ? __pfx_direct_splice_actor+0x10/0x10 [ 2688.053708] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2688.053724] ? lock_acquire+0x15e/0x2f0 [ 2688.053740] do_splice_direct+0x179/0x250 [ 2688.053755] ? __pfx_do_splice_direct+0x10/0x10 [ 2688.053770] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2688.053786] ? security_file_permission+0x22/0x90 [ 2688.053804] do_sendfile+0xa8e/0xdc0 [ 2688.053826] ? __pfx_do_sendfile+0x10/0x10 [ 2688.053843] ? __fget_files+0x20d/0x3b0 [ 2688.053868] __x64_sys_sendfile64+0x1d3/0x210 [ 2688.053881] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2688.053901] do_syscall_64+0xbf/0x360 [ 2688.053916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2688.053929] RIP: 0033:0x7fe5d2196b19 [ 2688.053939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2688.053951] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2688.053962] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2688.053970] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2688.053978] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2688.053985] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2688.053992] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2688.054012] 09:31:00 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x3800000000000000) 09:31:00 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2688.145983] loop6: detected capacity change from 0 to 256 [ 2688.165442] FAT-fs (loop6): bogus number of FAT sectors [ 2688.166021] FAT-fs (loop6): Can't find a valid FAT filesystem 09:31:00 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020", 0x47, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:00 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 25) 09:31:00 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000", 0x24}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2688.264494] loop2: detected capacity change from 0 to 288 09:31:00 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 28) [ 2688.291068] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2688.316647] loop0: detected capacity change from 0 to 256 09:31:00 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020", 0x47, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2688.353742] loop6: detected capacity change from 0 to 256 [ 2688.356926] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2688.365272] FAT-fs (loop6): bogus number of FAT sectors [ 2688.365711] FAT-fs (loop6): Can't find a valid FAT filesystem [ 2688.368492] loop2: detected capacity change from 0 to 288 [ 2688.373462] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:10 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb320) 09:31:10 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 29) 09:31:10 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 26) 09:31:10 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x9f0a000000000000) 09:31:10 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 29) 09:31:10 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020", 0x47, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:10 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:10 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, 0x0, 0x80, 0x1) [ 2698.225921] loop2: detected capacity change from 0 to 288 [ 2698.235321] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:10 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020", 0x49, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:10 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb330) [ 2698.304460] loop0: detected capacity change from 0 to 256 [ 2698.308996] FAULT_INJECTION: forcing a failure. [ 2698.308996] name failslab, interval 1, probability 0, space 0, times 0 [ 2698.310043] CPU: 0 UID: 0 PID: 16098 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2698.310061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2698.310070] Call Trace: [ 2698.310075] [ 2698.310081] dump_stack_lvl+0xfa/0x120 [ 2698.310102] should_fail_ex+0x4d7/0x5e0 [ 2698.310126] ? __es_insert_extent+0xed2/0x1370 [ 2698.310141] should_failslab+0xc2/0x120 [ 2698.310161] kmem_cache_alloc_noprof+0x5f/0x470 [ 2698.310178] ? __pfx___es_remove_extent+0x10/0x10 [ 2698.310192] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2698.310211] __es_insert_extent+0xed2/0x1370 [ 2698.310236] ext4_es_insert_extent+0x4d0/0x1100 [ 2698.310259] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2698.310275] ? percpu_counter_add_batch+0x126/0x240 [ 2698.310295] ? find_held_lock+0x2b/0x80 [ 2698.310315] ? lock_release+0xc8/0x290 [ 2698.310329] ? do_raw_read_unlock+0x44/0xe0 [ 2698.310346] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2698.310367] ext4_map_blocks+0x815/0x15a0 [ 2698.310389] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2698.310403] ? lock_is_held_type+0x9e/0x120 [ 2698.310421] ? jbd2__journal_start+0xf6/0x6b0 [ 2698.310438] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2698.310456] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2698.310472] ? ext4_iomap_begin+0x5b8/0xe80 [ 2698.310493] ext4_iomap_begin+0xa62/0xe80 [ 2698.310520] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2698.310544] ? __create_object+0x59/0x80 [ 2698.310559] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2698.310578] iomap_iter+0x54a/0xdb0 [ 2698.310599] __iomap_dio_rw+0x6ac/0x1cf0 [ 2698.310626] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2698.310645] ? lock_release+0xc8/0x290 [ 2698.310658] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2698.310683] ? kasan_quarantine_put+0x84/0x1e0 [ 2698.310718] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2698.310732] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2698.310756] iomap_dio_rw+0x40/0xa0 [ 2698.310774] ext4_file_write_iter+0xe0b/0x1990 [ 2698.310799] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2698.310814] ? __kasan_kmalloc+0x7f/0x90 [ 2698.310826] ? trace_kmalloc+0x1f/0xb0 [ 2698.310837] ? __kmalloc_noprof+0x215/0x4b0 [ 2698.310853] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2698.310878] iter_file_splice_write+0x927/0x10c0 [ 2698.310905] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2698.310939] ? lock_is_held_type+0x9e/0x120 [ 2698.310950] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2698.310967] direct_splice_actor+0x192/0x7b0 [ 2698.310984] splice_direct_to_actor+0x347/0x9d0 [ 2698.311000] ? __pfx_direct_splice_actor+0x10/0x10 [ 2698.311019] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2698.311036] ? lock_acquire+0x15e/0x2f0 [ 2698.311052] do_splice_direct+0x179/0x250 [ 2698.311066] ? __pfx_do_splice_direct+0x10/0x10 [ 2698.311081] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2698.311098] ? security_file_permission+0x22/0x90 [ 2698.311116] do_sendfile+0xa8e/0xdc0 [ 2698.311138] ? __pfx_do_sendfile+0x10/0x10 [ 2698.311155] ? __fget_files+0x20d/0x3b0 [ 2698.311180] __x64_sys_sendfile64+0x1d3/0x210 [ 2698.311193] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2698.311213] do_syscall_64+0xbf/0x360 [ 2698.311228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2698.311241] RIP: 0033:0x7fe5d2196b19 [ 2698.311251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2698.311263] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2698.311274] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2698.311283] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2698.311290] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2698.311297] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2698.311304] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2698.311325] [ 2698.341503] loop6: detected capacity change from 0 to 256 [ 2698.363234] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:10 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xf4ffffff00000000) [ 2698.418303] loop2: detected capacity change from 0 to 288 [ 2698.489439] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:22 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 27) 09:31:22 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020", 0x49, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:22 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb340) 09:31:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:22 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 30) 09:31:22 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xf5ffffff00000000) 09:31:22 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 30) 09:31:22 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, 0x0, 0x80, 0x1) [ 2709.764567] loop6: detected capacity change from 0 to 256 [ 2709.769351] loop2: detected capacity change from 0 to 288 [ 2709.790714] loop0: detected capacity change from 0 to 256 [ 2709.803657] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2709.835296] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:22 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, 0x0, 0x80, 0x1) 09:31:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:22 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xfbffffff00000000) 09:31:22 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020", 0x49, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:22 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb350) [ 2710.012068] loop0: detected capacity change from 0 to 256 [ 2710.056292] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:22 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 28) [ 2710.118156] loop6: detected capacity change from 0 to 256 09:31:22 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 31) 09:31:22 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 31) [ 2710.201027] loop2: detected capacity change from 0 to 288 09:31:22 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) [ 2710.230337] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:22 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:22 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xfeffffff00000000) [ 2710.304807] loop0: detected capacity change from 0 to 256 [ 2710.347298] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2710.380546] loop6: detected capacity change from 0 to 256 [ 2710.409564] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2710.425324] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:33 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 32) 09:31:33 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 32) 09:31:33 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:33 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020", 0x4a, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xffffff7f00000000) 09:31:33 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:33 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 29) 09:31:33 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb360) 09:31:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xffffffff00000000) [ 2720.635262] loop6: detected capacity change from 0 to 256 [ 2720.641436] FAULT_INJECTION: forcing a failure. [ 2720.641436] name failslab, interval 1, probability 0, space 0, times 0 [ 2720.642499] CPU: 0 UID: 0 PID: 16177 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2720.642516] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2720.642524] Call Trace: [ 2720.642529] [ 2720.642535] dump_stack_lvl+0xfa/0x120 [ 2720.642555] should_fail_ex+0x4d7/0x5e0 [ 2720.642579] ? jbd2__journal_start+0x193/0x6b0 [ 2720.642593] should_failslab+0xc2/0x120 [ 2720.642614] kmem_cache_alloc_noprof+0x5f/0x470 [ 2720.642632] ? lock_is_held_type+0x9e/0x120 [ 2720.642649] jbd2__journal_start+0x193/0x6b0 [ 2720.642666] __ext4_journal_start_sb+0x325/0x5d0 [ 2720.642684] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2720.642702] ext4_convert_unwritten_extents+0x190/0x580 [ 2720.642719] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2720.642743] ext4_dio_write_end_io+0x13a/0x710 [ 2720.642759] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2720.642777] iomap_dio_complete+0x14d/0x9e0 [ 2720.642799] iomap_dio_rw+0x73/0xa0 [ 2720.642817] ext4_file_write_iter+0xe0b/0x1990 [ 2720.642842] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2720.642857] ? __kasan_kmalloc+0x7f/0x90 [ 2720.642873] ? trace_kmalloc+0x1f/0xb0 [ 2720.642884] ? __kmalloc_noprof+0x215/0x4b0 [ 2720.642900] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2720.642921] iter_file_splice_write+0x927/0x10c0 [ 2720.642947] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2720.642980] ? lock_is_held_type+0x9e/0x120 [ 2720.642991] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2720.643009] direct_splice_actor+0x192/0x7b0 [ 2720.643026] splice_direct_to_actor+0x347/0x9d0 [ 2720.643042] ? __pfx_direct_splice_actor+0x10/0x10 [ 2720.643061] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2720.643077] ? lock_acquire+0x15e/0x2f0 [ 2720.643094] do_splice_direct+0x179/0x250 [ 2720.643108] ? __pfx_do_splice_direct+0x10/0x10 [ 2720.643123] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2720.643141] ? security_file_permission+0x22/0x90 [ 2720.643159] do_sendfile+0xa8e/0xdc0 [ 2720.643180] ? __pfx_do_sendfile+0x10/0x10 [ 2720.643199] ? perf_trace_preemptirq_template+0x259/0x430 [ 2720.643223] __x64_sys_sendfile64+0x1d3/0x210 [ 2720.643236] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2720.643256] do_syscall_64+0xbf/0x360 [ 2720.643271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2720.643285] RIP: 0033:0x7f85c6477b19 [ 2720.643295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2720.643307] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2720.643320] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2720.643328] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2720.643335] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2720.643342] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2720.643349] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2720.643369] [ 2720.662055] loop2: detected capacity change from 0 to 288 [ 2720.671382] loop0: detected capacity change from 0 to 256 [ 2720.681777] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2720.685484] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2720.708937] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2720.725679] FAULT_INJECTION: forcing a failure. [ 2720.725679] name failslab, interval 1, probability 0, space 0, times 0 [ 2720.727482] CPU: 1 UID: 0 PID: 16186 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2720.727515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2720.727529] Call Trace: [ 2720.727538] [ 2720.727551] dump_stack_lvl+0xfa/0x120 [ 2720.727594] should_fail_ex+0x4d7/0x5e0 [ 2720.727647] ? jbd2__journal_start+0x193/0x6b0 [ 2720.727671] should_failslab+0xc2/0x120 [ 2720.727710] kmem_cache_alloc_noprof+0x5f/0x470 [ 2720.727743] ? lock_is_held_type+0x9e/0x120 [ 2720.727775] jbd2__journal_start+0x193/0x6b0 [ 2720.727808] __ext4_journal_start_sb+0x325/0x5d0 [ 2720.727843] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2720.727885] ext4_convert_unwritten_extents+0x190/0x580 [ 2720.727918] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2720.727966] ext4_dio_write_end_io+0x13a/0x710 [ 2720.727996] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2720.728031] iomap_dio_complete+0x14d/0x9e0 [ 2720.728075] iomap_dio_rw+0x73/0xa0 [ 2720.728110] ext4_file_write_iter+0xe0b/0x1990 [ 2720.728159] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2720.728189] ? __kasan_kmalloc+0x7f/0x90 [ 2720.728212] ? trace_kmalloc+0x1f/0xb0 [ 2720.728233] ? __kmalloc_noprof+0x215/0x4b0 [ 2720.728263] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2720.728303] iter_file_splice_write+0x927/0x10c0 [ 2720.728355] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2720.728421] ? lock_is_held_type+0x9e/0x120 [ 2720.728443] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2720.728476] direct_splice_actor+0x192/0x7b0 [ 2720.728510] splice_direct_to_actor+0x347/0x9d0 [ 2720.728540] ? __pfx_direct_splice_actor+0x10/0x10 [ 2720.728578] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2720.728611] ? lock_acquire+0x15e/0x2f0 [ 2720.728644] do_splice_direct+0x179/0x250 [ 2720.728672] ? __pfx_do_splice_direct+0x10/0x10 [ 2720.728702] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2720.728747] ? security_file_permission+0x22/0x90 [ 2720.728781] do_sendfile+0xa8e/0xdc0 [ 2720.728822] ? __pfx_do_sendfile+0x10/0x10 [ 2720.728860] ? perf_trace_preemptirq_template+0x259/0x430 [ 2720.728908] __x64_sys_sendfile64+0x1d3/0x210 [ 2720.728932] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2720.728971] do_syscall_64+0xbf/0x360 [ 2720.729001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2720.729025] RIP: 0033:0x7f7b6ab9db19 [ 2720.729044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2720.729067] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2720.729090] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2720.729106] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2720.729120] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2720.729134] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2720.729148] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2720.729188] [ 2720.793839] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:33 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:33 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb370) 09:31:33 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0xffffffffffffffff) [ 2720.871056] loop6: detected capacity change from 0 to 256 09:31:33 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 33) [ 2720.915075] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:33 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020", 0x4a, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2720.933168] loop0: detected capacity change from 0 to 256 [ 2720.940961] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:33 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 30) 09:31:33 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 33) [ 2721.026522] loop2: detected capacity change from 0 to 288 [ 2721.040416] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2721.047577] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:43 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:43 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 34) 09:31:43 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 31) 09:31:43 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r2 = open_tree(r1, &(0x7f00000001c0)='./file0\x00', 0xc900) r3 = getpgid(0x0) kcmp(0x0, r3, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0xff, 0x84, 0x1a, 0x1, 0x0, 0x0, 0x80c00, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x11114, 0x2aa4, 0xd8, 0xc, 0x4, 0x10000, 0xfffd, 0x0, 0x8, 0x0, 0x4}, r3, 0xf, r2, 0x8) ftruncate(r1, 0x0) ioctl$BTRFS_IOC_ADD_DEV(r0, 0x5000940a, &(0x7f0000000400)={{}, "74f1341238b49b2f86aeaf5a3bd21e190838d800f56cb3622cec5d3490579e04a110761b7a1f8a6219ee1397f330466802f2e8227dba1479651cedf6460ea85b753e22295507e9ea9e91379d1daf11f9ebc70a40da43f6cc34fc4b1d475bd964771a4a110056f8d20aea6161df161156a8d7b5b4ade71aa225c15b36e8b9f7743444a25caa03e91bb8926ea9be96c7a9e9896fb84053a0dd375aa59991301693f8d0567c105ccffabf87710d3caf7aa54e9c80f8f4ff344270aaeed9898a000747fa1ad0ace70ac19adbf2a13049851481662b25ee2bfc552368128440f9db2b976bfac30a189104700c83898640b4c0b79efe79755bb874e1131f31729497afda221182f5804c402dacb1c73b4ee391a9adaaf63437672540d7be0502bd974d0f522d530762b2a7441d59bd57f42de40d65d65440616355b144fee191effbe185edd34951ed3fa4eea3acf59da91ad32a60cd12866b2cbff9fc6160b0473380a82098be048cdf2e897b4fc994a65c5a5b7f4d901161bd51a775f17ee4b2858d2ed7b3a6bca700eeed832bf6d9438d8542a583d8754f19972a861a3bfdcce7c55ad5f45566af9ddddedc7309598da278faf1786e64d957e4df5b032b1c1ef12d2819aba5d2296cc405bba932a4c6f96298011f05755f9201d09af6363e5b988a430f9be2d1124e6a88e1e11b604343abedc54d5b529c62f9a7ffe048f67a2c46f1d001f541d68650133971d4e066eb59cb9a8d85b6216aff9e1d16040f3ac5c712866d1ae730489a76785cf16837e3e06ff71f9774209ed72ddc69ebc5e388497017292eed64318d70e0d3c0b34f2e6762e4b8fea97fa6b484122d8d39f5998fc45f7305c7219bb26ea8579c33ce603bb881218d2ab8ee0b1ae6afdf2033abfe6bd29bc7b09cc3d740bb0ce5ae2b1a887f16fa3060d121660bda797105819e03c364ced9e05f3ab829622338eb0ec6d28c6416cf985c7cd2d929faba6532f21a92440379c45dab61cf41bde3422e749a04ddcd588cedcb918660f191ec9b3b2da63b5eca085e7a4a943f44b5cc05058213b3c7db3672ef85c52d7a734c77d63b7b43425db822962280180c1df8711f7ae272c9f6f47519f6fb0212fa5fe06d3354e66a3a6cc0e304da91be474e954e462d3eac5b45e4866b0288fc9ceb44637b4b6aba29af05240fe3b065ef2b79a33fe76e909f89a5d813a08f1146554afe09897467ad7ff6c0d46135d968dc1d86423d6f55a73c2e46db8a2dae5a5aca1c708ee6d528f0dd5f332974a407d44d17b8634126db2813f1741b3e9c9dd4a90ca075535f4b1da0760f09b7d0161b2054c863907754450d1f33b58ac2d4801e8f6ff224231b5b778a054e28f38e61c18d4e99dfd515da82ae53d7c1bfa295c8bca371b7848a008ddcb914b157cbd479207dd22914d41922f5a4d1ae7a4182b4cb5f5808092d8bd450ce623837d400efefd02df4b2a6370f06767e8344293be99e47938d179b2061391eb2a435b6c15842063473ecdf99ffc2b39fd1c7fda2e71f9255c8207e6e944e0f4ce3a45de02eef514198c50cc512fecc0ec4f95c6a58c0950fe864d17510f6ec4c1164f2ac40a4caa317fa1dcfe9f55ff17839e9a2a1e499c9aa8a3dd885c8bc53e61e16923daa8c67ad7d49498fb48d0f926069eb5c9688d08d70143f59a06254efff4fed03116f852e5209cbc455fa223745090cb4af1927d6963e75e0bf8ddc0c27f5a3e05a48f013b24dd34983a5ecfd0814c10cbff92035a685b19d59ee0ee4a66dcdb0503cb96be8e55c21f4e7948e235c4c727de4e2a002f43354db1f07f5e76550498658c46ed7a18a08a629f85cf29c07f3098115316d7703e271d6b73c668657b084a32561e6a489ecf2bf7fa4352151fc85e941923df53d134a56f2e3879402a76933461da457f15e19133dc757f1d4b6696b9483f67e2e5c347fe51ae1f1cd89d3a207d8df59478e07f1ef5e0bc4d31a73f8b00d5167deb2eed0f0b0bf887ef1e711d77606d0215ef0cb455083095bf5b8f6f621d62d4f6e9e983d74828ce38e9b7ef7602cfab9186d40f16635549aec0c9be3ecdbd1008b99b62ffb9f212792f6ec897d7ed36cbbbb4aba8a6682c0bf50e92ec53ca22b337cac1a9105dd62d9c4223a4710cf98a312752dab827b17d951c68f19b70685d231fe9f64a43e7ca13be07559f54702538891aac9ca6784e0b8797de7893219150df452ecea545d9541a361ea4647f9b135499776defc4e1353f55aa9ebe63265a50771d66f0a9a727958125566571733b81c056d240a48cd07c13b4f4b302b412c7c4c749c58e0c486976047292d8d35d2b30229431ddb6cd167301f74ffba80adb9952415cc1c1620a86c9cedea67a0668da2b8ad616f9d843ddaf8f474646f6e3dafeaad63374a47f98fbc2e9c3f4e3aac5c36d1ece4a324ab665b32a10ab005b9515659e2943eb6b0b2de09aabaf5ea8b2e69e542c20b2bc09714ba565835770f31d9a1f9bf6b4cb896ac0e8631dfc08c3f7afaf039f96194afab5b5029380567642cfb6f7e2948d6f4e12382cadacc5335e46eb0f22cbb63b70c976a28c2e0649ed1bf6d48de28a88d2f355d7c9dbbfaf25b01ac601d8e62d80770f8e553a0442d3de4abac9f500d61438e4708264c39959433bb7d18565bf9154a9aacf352bf11ecd27553cf26cc3012f1d539d16a25d83f10a44bea459cc8cdbe2d0fff0b8aef69af9bcd5f0ff7c816c3fdebac402c5dcb4566c8a2ff613baa912afeb1f759702a4cb009d8d0cb5b7f4fe5d37e83ab0506db821aa1b6dc7d853b5df974cd1fc73e289f76b7452b8446b4793012a1f4175c1b2cfd083766be0445e75da9c6da3bedf16334aa1d02369de4dbb54900bd5fb4e3fcef786143d96dd95ef4cf78fe01c107de7fd57758f5dba515699678f7ce9a80955b8bc52cc2cfb3230e6490fb4fd5059543e91944e036df0426e30c9bef0553802d99c7576dc9d16090f94ad68bf73863852440c9a9e9d6099bf8c9cdefafb8fc85fd65df271849141a3924eb9d3ad2b05db8f9cbb5ee5c4ced3485fc89dc5356550c48a3b4ba450beb47c5bd11c3936e398d8da7870f15b8df4548a200cd65feaf21556aa1b4fdf66391b4b103cdd5e0d842fb12b7a201a95eb7cefcc69535957e109a0b1ba6b07a2600facf1fa15ebc47a0391623a6b2c992cb27cf490b5c030b481e764bf9456efaddcc36182c2937431db1a303acefac88c4366892e94f6101b9e8f7fa2b12494b2486b0a70d181b473672f000070919ac2f7cd535d2aeeb81a381deb3287db0c56e4fca4e277d15d3123c780acc7a6d18f8efbf653418c7a06eaab0589a8d38399ef23d7490fe13eb79515e047c5003405185895186e8715de7b9f074043aff42a0602dfaea1f3725ced359c14a9b14eee68c5acf0cebc5dc181bb1d84c59850ece9923ce49499c357eb4d5d2e917c1a8a741b8181270f38cc8ef66aef707fb0c808a76e0e479119dff2eb6ae30fb051dafca4946368852f82f9ef427013cae9db077e0e9990b8964a4dcca1e0d7ce94c9125d30f3045aaa68d3d02e4e2d4c2c89d551739f8a629621b3fe78d0ff6311b3b0929015d93f1da427fec4d94d6ee5e7f1da793df99583ad18443774a11e5c7cfcf8bb6839032bcfd12f0753b64028e794e44145d7125a3c7cf052468a2adc36662672669547a1e0a78fa7c50b4d816dfd32bad57984c72bd71e04d3d7643813a5b52f2578ded8c4dbd2acbdeda44d3b94f864b58646847d53fafcc1a1aa395bb972ec87a807ac2ebfa9628746daa787fe2dc2fd5a12eaff55dfce7b7507f681b69882822c97735fdd5229fa44aa8baf27dcdb05076f618cc9198508500a2f3d54d7a2599e1fe0f02df55cff744163e419b688319e6e60bf1fa53e2844e2ae222ad00bc3def6095ad47908463186830124e3697a29e7f373434c411f99ab308114056e59ff7564ab786e19b8a055ac3cfec0cf7d63d6b33d555368e4f3e35a52c7ce33dc8751769d4dd9fe927c437e5c29fee2d153fd7d3f61435972804f7ceb649974f70607d6dc23e1afe6ad79c8b8f9d7b9350a09797cfae7ca66bfc3c9c4d476614fdb899055ab56c0c6086c16708ea035f0b72d523ff3dbd32d5f78673508e8459f944e60bc8b3f3d749cbdf12e585e5554590548cfe630562a3e286a2683f4710489d429d59a6b69774f08a1d5b59de192736b5f1865bda9fefa78bf93f7cce5398c2d3ddd1bc069d8a8543435303486545d006cde25ba09f6b0c33fccb9c6b746edec3fe27a2d39f3b095cf97b467b4905d925de4982197a9c24c10f71ca674907962a47269be2bc19f4a7339287213b5eb19455796e3411978f220a8d1933437f29369ad2ca7c38cbfddbe51c0c667c4851dabb469efcac661010c90b96ae1e72bfe66410f8f8186bebcc9524cd8290f69ac399ada9cb29f59cf3d895b99ed827417bda16bcfb117d595abcbaf5da46ad55f26b899d2cb61d464d903693a186ef3d2fd335efb3f997d88600c294a2e2ca1ee7addaced85b7af78e45754cac4ea9c0af5e05f9df55177bf9657693ed9fa8940fff0f39f3f30db871c479ae4b36a614c202aeb127b879347b4449c6c726b80009a91c818820b82e1bfedb81cbc3e5bf92f1c87984150d1585b3dfa7cc40169d8db95c238a8af0bb727862036f9d137c0f22b46c22bec544dfb48c3f7ab7bffdaef7d9bfeb68bcbce87d810cacba1c5dc09735cf3e2c55adce64a5f69c4c2a6634279525ac0186f5e0fe931dc8a36ca8e68703d6235fc5ce412218412d51bdf2f61a98d509f1b31ff3ddd57bb222884ce57b1f8e44552e505fc2c4a2b075169375512f4d4a4b4fb2ff87399d32a3bbc5bfc7492987537b542b103025c1b6c5c71125e76b86dcfd8fa63c495ae31242488ca9ebf5cd433317821de3f0e0fcef40577e0d819f4b52541846addca7ea57419a69b57b455479cf1f79af7c0d57a97b38c2406ce4fcb000a8cbd2ce1fc06a9e0cd25d0f59d2ec97410083c0d71153394c9055cddc27f894b8edf227b814dd583ae65f12baff7a7ad9ced1411c96d3c86e957e8e0b1165503e1e305b92137a93da80b3df5d76ee00ff3c80ca71f18a232aa3f2d66fa93889aa9900116b0b2aed645bca69c4e80ae3ee5b440f67ce7d9287300a1d51bf8486deb3ed7f8b35e7e8391db57b9123e65a528665f7b611d31ca25ee954a0dce5515aeddbf8e52f9e4c2e471bab8515492a981b93a01a7af49581056645d6ee648c1e37a6de443375ab2b221edf83f2c7ca24cb0accebdaad06e23a52b71ec3e026ef17d681c9073e6b1a6e3b08921da5ac11d23b882255404aad2407e132629ac760560d5002fd95d94f6db2f4657bd436006a5f75b0eadf524ce7a0356bd3c97addb64c2f0f80d1039852893423f3a2f1f92e81e0c660a9ed5849205306c8b7ec3f527c1d77c3aa96cb1c47a5478546e09487e5f7814b14833cf7013b0015a409fedabd4b8d57b11c15f21c76eb7cbebe3c8941cd5281a8b8a7c17e54f3b4a47c5b515fb3ac7a4b8cb53c9c2cdb1604633a6af267374b3395df13dda1e44edfcfd7d49311b1d26f93b3d72e2781f689b3b5ffe378440f96d274c36cc8ad0b0b29282c395c438723db1c84dc89a59bbda5af3678d42f02256cc6c3f728d13611bba8fa46bcee7326928101c9970c4d1340e9b4b986f7df9ab3bc4abc8554e2d0a4344a706e2bde1bff12f64d8f35aeb7c6d8907bce07c8c4a6ff36d938d0620a7b734ac54388"}) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x80800) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, r4, {0x8, 0x1}}, './file0\x00'}) 09:31:43 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020", 0x4a, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:43 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 34) 09:31:43 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb37f) 09:31:43 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, 0x0, 0x80, 0x1) [ 2731.042078] loop0: detected capacity change from 0 to 256 [ 2731.043092] loop2: detected capacity change from 0 to 288 [ 2731.053009] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2731.055616] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2731.070974] loop6: detected capacity change from 0 to 256 [ 2731.098334] FAULT_INJECTION: forcing a failure. [ 2731.098334] name failslab, interval 1, probability 0, space 0, times 0 [ 2731.100452] CPU: 1 UID: 0 PID: 16231 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2731.100484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2731.100499] Call Trace: [ 2731.100507] [ 2731.100516] dump_stack_lvl+0xfa/0x120 [ 2731.100549] should_fail_ex+0x4d7/0x5e0 [ 2731.100594] ? __es_insert_extent+0xed2/0x1370 [ 2731.100620] should_failslab+0xc2/0x120 [ 2731.100659] kmem_cache_alloc_noprof+0x5f/0x470 [ 2731.100692] ? __pfx___es_remove_extent+0x10/0x10 [ 2731.100718] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2731.100756] __es_insert_extent+0xed2/0x1370 [ 2731.100805] ext4_es_insert_extent+0x4d0/0x1100 [ 2731.100864] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2731.100900] ? lock_acquire+0x15e/0x2f0 [ 2731.100925] ? ext4_map_blocks+0x569/0x15a0 [ 2731.100973] ? down_write+0x119/0x1f0 [ 2731.101000] ? __pfx_down_write+0x10/0x10 [ 2731.101024] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2731.101065] ext4_map_blocks+0x815/0x15a0 [ 2731.101109] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2731.101137] ? lock_is_held_type+0x9e/0x120 [ 2731.101169] ? jbd2__journal_start+0xf6/0x6b0 [ 2731.101203] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2731.101236] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2731.101269] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2731.101304] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2731.101337] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2731.101386] ext4_dio_write_end_io+0x13a/0x710 [ 2731.101416] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2731.101452] iomap_dio_complete+0x14d/0x9e0 [ 2731.101496] iomap_dio_rw+0x73/0xa0 [ 2731.101532] ext4_file_write_iter+0xe0b/0x1990 [ 2731.101582] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2731.101612] ? __kasan_kmalloc+0x7f/0x90 [ 2731.101635] ? trace_kmalloc+0x1f/0xb0 [ 2731.101656] ? __kmalloc_noprof+0x215/0x4b0 [ 2731.101687] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2731.101727] iter_file_splice_write+0x927/0x10c0 [ 2731.101782] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2731.101851] ? lock_is_held_type+0x9e/0x120 [ 2731.101874] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2731.101907] direct_splice_actor+0x192/0x7b0 [ 2731.101941] splice_direct_to_actor+0x347/0x9d0 [ 2731.101973] ? __pfx_direct_splice_actor+0x10/0x10 [ 2731.102012] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2731.102045] ? lock_acquire+0x15e/0x2f0 [ 2731.102077] do_splice_direct+0x179/0x250 [ 2731.102105] ? __pfx_do_splice_direct+0x10/0x10 [ 2731.102135] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2731.102170] ? security_file_permission+0x22/0x90 [ 2731.102204] do_sendfile+0xa8e/0xdc0 [ 2731.102248] ? __pfx_do_sendfile+0x10/0x10 [ 2731.102281] ? __fget_files+0x20d/0x3b0 [ 2731.102329] __x64_sys_sendfile64+0x1d3/0x210 [ 2731.102355] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2731.102395] do_syscall_64+0xbf/0x360 [ 2731.102425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2731.102450] RIP: 0033:0x7f85c6477b19 [ 2731.102468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2731.102491] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2731.102513] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2731.102529] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2731.102544] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2731.102558] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2731.102572] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2731.102613] [ 2731.171078] FAULT_INJECTION: forcing a failure. [ 2731.171078] name failslab, interval 1, probability 0, space 0, times 0 [ 2731.172919] CPU: 1 UID: 0 PID: 16238 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2731.172951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2731.172965] Call Trace: [ 2731.172974] [ 2731.172984] dump_stack_lvl+0xfa/0x120 [ 2731.173014] should_fail_ex+0x4d7/0x5e0 [ 2731.173058] ? ext4_find_extent+0x7f5/0xa00 [ 2731.173079] should_failslab+0xc2/0x120 [ 2731.173118] __kmalloc_noprof+0xb4/0x4b0 [ 2731.173160] ext4_find_extent+0x7f5/0xa00 [ 2731.173194] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2731.173239] ? unwind_next_frame+0x3bc/0x2540 [ 2731.173272] ? do_syscall_64+0xbf/0x360 [ 2731.173300] ? perf_trace_lock_acquire+0xc9/0x700 [ 2731.173327] ? perf_trace_lock_acquire+0xc9/0x700 [ 2731.173361] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2731.173405] ? lock_acquire+0x15e/0x2f0 [ 2731.173429] ? ext4_map_blocks+0x569/0x15a0 [ 2731.173477] ? down_write+0x119/0x1f0 [ 2731.173502] ? __pfx_down_write+0x10/0x10 [ 2731.173526] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2731.173567] ext4_map_blocks+0x630/0x15a0 [ 2731.173610] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2731.173638] ? lock_is_held_type+0x9e/0x120 [ 2731.173670] ? jbd2__journal_start+0xf6/0x6b0 [ 2731.173703] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2731.173736] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2731.173769] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2731.173804] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2731.173837] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2731.173892] ext4_dio_write_end_io+0x13a/0x710 [ 2731.173923] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2731.173958] iomap_dio_complete+0x14d/0x9e0 [ 2731.174002] iomap_dio_rw+0x73/0xa0 [ 2731.174038] ext4_file_write_iter+0xe0b/0x1990 [ 2731.174088] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2731.174117] ? __kasan_kmalloc+0x7f/0x90 [ 2731.174142] ? trace_kmalloc+0x1f/0xb0 [ 2731.174163] ? __kmalloc_noprof+0x215/0x4b0 [ 2731.174194] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2731.174234] iter_file_splice_write+0x927/0x10c0 [ 2731.174286] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2731.174354] ? lock_is_held_type+0x9e/0x120 [ 2731.174376] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2731.174409] direct_splice_actor+0x192/0x7b0 [ 2731.174443] splice_direct_to_actor+0x347/0x9d0 [ 2731.174475] ? __pfx_direct_splice_actor+0x10/0x10 [ 2731.174513] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2731.174545] ? lock_acquire+0x15e/0x2f0 [ 2731.174577] do_splice_direct+0x179/0x250 [ 2731.174605] ? __pfx_do_splice_direct+0x10/0x10 [ 2731.174634] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2731.174668] ? security_file_permission+0x22/0x90 [ 2731.174702] do_sendfile+0xa8e/0xdc0 [ 2731.174745] ? __pfx_do_sendfile+0x10/0x10 [ 2731.174777] ? __fget_files+0x20d/0x3b0 [ 2731.174825] __x64_sys_sendfile64+0x1d3/0x210 [ 2731.174850] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2731.174890] do_syscall_64+0xbf/0x360 [ 2731.174919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2731.174942] RIP: 0033:0x7f7b6ab9db19 [ 2731.174961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2731.174984] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2731.175007] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2731.175023] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2731.175037] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2731.175051] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2731.175065] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2731.175106] [ 2731.233442] EXT4-fs warning (device sda): ext4_convert_unwritten_extents:4936: inode #16063: block 0: len 16: ext4_ext_map_blocks returned -12 09:31:43 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:43 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {0x0, 0x0, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:43 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xb380) [ 2731.239327] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2731.244240] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:43 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1) syncfs(r0) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x80) ftruncate(r1, 0x0) 09:31:43 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, 0x0, 0x80, 0x1) [ 2731.418295] loop0: detected capacity change from 0 to 288 [ 2731.437864] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:31:43 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 35) 09:31:43 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 35) [ 2731.496731] loop6: detected capacity change from 0 to 256 [ 2731.505638] loop2: detected capacity change from 0 to 256 [ 2731.513417] FAT-fs (loop2): invalid media value (0x00) [ 2731.513852] FAT-fs (loop2): Can't find a valid FAT filesystem 09:31:43 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 1) [ 2731.551520] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2731.586400] loop0: detected capacity change from 0 to 256 [ 2731.592864] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2731.595713] FAULT_INJECTION: forcing a failure. [ 2731.595713] name failslab, interval 1, probability 0, space 0, times 0 [ 2731.596705] CPU: 0 UID: 0 PID: 16262 Comm: syz-executor.0 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2731.596722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2731.596729] Call Trace: [ 2731.596734] [ 2731.596739] dump_stack_lvl+0xfa/0x120 [ 2731.596759] should_fail_ex+0x4d7/0x5e0 [ 2731.596782] ? getname_flags.part.0+0x48/0x540 [ 2731.596796] should_failslab+0xc2/0x120 [ 2731.596816] kmem_cache_alloc_noprof+0x5f/0x470 [ 2731.596839] getname_flags.part.0+0x48/0x540 [ 2731.596864] getname_flags+0x95/0xe0 [ 2731.596884] __x64_sys_mknodat+0xa0/0xe0 [ 2731.596903] do_syscall_64+0xbf/0x360 [ 2731.596917] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2731.596931] RIP: 0033:0x7f85ae2c3b19 [ 2731.596940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2731.596952] RSP: 002b:00007f85ab839188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 2731.596964] RAX: ffffffffffffffda RBX: 00007f85ae3d6f60 RCX: 00007f85ae2c3b19 [ 2731.596972] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2731.596979] RBP: 00007f85ab8391d0 R08: 0000000000000000 R09: 0000000000000000 [ 2731.596987] R10: 0000000000000701 R11: 0000000000000246 R12: 0000000000000001 [ 2731.596994] R13: 00007ffcbc7d799f R14: 00007f85ab839300 R15: 0000000000022000 [ 2731.597013] [ 2731.652887] FAULT_INJECTION: forcing a failure. [ 2731.652887] name failslab, interval 1, probability 0, space 0, times 0 [ 2731.653809] CPU: 0 UID: 0 PID: 16263 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2731.653826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2731.653834] Call Trace: [ 2731.653839] [ 2731.653844] dump_stack_lvl+0xfa/0x120 [ 2731.653865] should_fail_ex+0x4d7/0x5e0 [ 2731.653894] ? ext4_find_extent+0x7f5/0xa00 [ 2731.653906] should_failslab+0xc2/0x120 [ 2731.653928] __kmalloc_noprof+0xb4/0x4b0 [ 2731.653945] ? __pfx_perf_tp_event+0x10/0x10 [ 2731.653964] ext4_find_extent+0x7f5/0xa00 [ 2731.653982] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2731.654005] ? unwind_next_frame+0x3bc/0x2540 [ 2731.654022] ? do_syscall_64+0xbf/0x360 [ 2731.654037] ? perf_trace_lock_acquire+0xc9/0x700 [ 2731.654052] ? perf_trace_lock_acquire+0xc9/0x700 [ 2731.654070] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2731.654092] ? lock_acquire+0x15e/0x2f0 [ 2731.654105] ? ext4_map_blocks+0x569/0x15a0 [ 2731.654129] ? down_write+0x119/0x1f0 [ 2731.654143] ? __pfx_down_write+0x10/0x10 [ 2731.654155] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2731.654175] ext4_map_blocks+0x630/0x15a0 [ 2731.654197] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2731.654211] ? lock_is_held_type+0x9e/0x120 [ 2731.654227] ? jbd2__journal_start+0xf6/0x6b0 [ 2731.654245] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2731.654262] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2731.654278] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2731.654295] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2731.654312] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2731.654336] ext4_dio_write_end_io+0x13a/0x710 [ 2731.654351] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2731.654369] iomap_dio_complete+0x14d/0x9e0 [ 2731.654392] iomap_dio_rw+0x73/0xa0 [ 2731.654410] ext4_file_write_iter+0xe0b/0x1990 [ 2731.654435] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2731.654450] ? __kasan_kmalloc+0x7f/0x90 [ 2731.654462] ? trace_kmalloc+0x1f/0xb0 [ 2731.654473] ? __kmalloc_noprof+0x215/0x4b0 [ 2731.654489] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2731.654509] iter_file_splice_write+0x927/0x10c0 [ 2731.654536] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2731.654570] ? lock_is_held_type+0x9e/0x120 [ 2731.654581] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2731.654598] direct_splice_actor+0x192/0x7b0 [ 2731.654615] splice_direct_to_actor+0x347/0x9d0 [ 2731.654631] ? __pfx_direct_splice_actor+0x10/0x10 [ 2731.654650] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2731.654667] ? lock_acquire+0x15e/0x2f0 [ 2731.654683] do_splice_direct+0x179/0x250 [ 2731.654697] ? __pfx_do_splice_direct+0x10/0x10 [ 2731.654712] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2731.654729] ? security_file_permission+0x22/0x90 [ 2731.654746] do_sendfile+0xa8e/0xdc0 [ 2731.654769] ? __pfx_do_sendfile+0x10/0x10 [ 2731.654788] ? perf_trace_preemptirq_template+0x259/0x430 [ 2731.654812] __x64_sys_sendfile64+0x1d3/0x210 [ 2731.654825] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2731.654845] do_syscall_64+0xbf/0x360 [ 2731.654860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2731.654874] RIP: 0033:0x7f85c6477b19 [ 2731.654884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2731.654896] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2731.654908] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2731.654915] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2731.654922] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2731.654929] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2731.654936] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2731.654957] [ 2731.682064] EXT4-fs warning (device sda): ext4_convert_unwritten_extents:4936: inode #16003: block 0: len 16: ext4_ext_map_blocks returned -12 09:31:54 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 36) 09:31:54 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x154) 09:31:54 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:31:54 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 2) 09:31:54 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 32) 09:31:54 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 36) 09:31:54 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x20000) 09:31:54 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, 0x0, 0x80, 0x1) [ 2742.041023] loop0: detected capacity change from 0 to 256 [ 2742.052741] FAULT_INJECTION: forcing a failure. [ 2742.052741] name failslab, interval 1, probability 0, space 0, times 0 [ 2742.053703] CPU: 0 UID: 0 PID: 16274 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2742.053720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2742.053727] Call Trace: [ 2742.053732] [ 2742.053738] dump_stack_lvl+0xfa/0x120 [ 2742.053758] should_fail_ex+0x4d7/0x5e0 [ 2742.053782] ? __es_insert_extent+0xed2/0x1370 [ 2742.053796] should_failslab+0xc2/0x120 [ 2742.053816] kmem_cache_alloc_noprof+0x5f/0x470 [ 2742.053834] ? __pfx___es_remove_extent+0x10/0x10 [ 2742.053847] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2742.053870] __es_insert_extent+0xed2/0x1370 [ 2742.053895] ext4_es_insert_extent+0x4d0/0x1100 [ 2742.053917] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2742.053932] ? lock_acquire+0x15e/0x2f0 [ 2742.053945] ? ext4_map_blocks+0x569/0x15a0 [ 2742.053970] ? down_write+0x119/0x1f0 [ 2742.053984] ? __pfx_down_write+0x10/0x10 [ 2742.053996] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2742.054017] ext4_map_blocks+0x815/0x15a0 [ 2742.054038] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2742.054052] ? lock_is_held_type+0x9e/0x120 [ 2742.054069] ? jbd2__journal_start+0xf6/0x6b0 [ 2742.054086] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2742.054103] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2742.054120] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2742.054137] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2742.054153] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2742.054178] ext4_dio_write_end_io+0x13a/0x710 [ 2742.054193] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2742.054211] iomap_dio_complete+0x14d/0x9e0 [ 2742.054234] iomap_dio_rw+0x73/0xa0 [ 2742.054252] ext4_file_write_iter+0xe0b/0x1990 [ 2742.054277] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2742.054292] ? __kasan_kmalloc+0x7f/0x90 [ 2742.054304] ? trace_kmalloc+0x1f/0xb0 [ 2742.054315] ? __kmalloc_noprof+0x215/0x4b0 [ 2742.054331] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2742.054352] iter_file_splice_write+0x927/0x10c0 [ 2742.054378] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2742.054412] ? lock_is_held_type+0x9e/0x120 [ 2742.054424] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2742.054440] direct_splice_actor+0x192/0x7b0 [ 2742.054457] splice_direct_to_actor+0x347/0x9d0 [ 2742.054473] ? __pfx_direct_splice_actor+0x10/0x10 [ 2742.054492] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2742.054509] ? lock_acquire+0x15e/0x2f0 [ 2742.054525] do_splice_direct+0x179/0x250 [ 2742.054539] ? __pfx_do_splice_direct+0x10/0x10 [ 2742.054554] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2742.054571] ? security_file_permission+0x22/0x90 [ 2742.054589] do_sendfile+0xa8e/0xdc0 [ 2742.054611] ? __pfx_do_sendfile+0x10/0x10 [ 2742.054630] ? perf_trace_preemptirq_template+0x259/0x430 [ 2742.054655] __x64_sys_sendfile64+0x1d3/0x210 [ 2742.054667] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2742.054687] do_syscall_64+0xbf/0x360 [ 2742.054703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2742.054716] RIP: 0033:0x7f85c6477b19 [ 2742.054726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2742.054737] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2742.054749] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2742.054758] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2742.054764] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2742.054772] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2742.054779] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2742.054799] [ 2742.096941] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2742.117745] loop6: detected capacity change from 0 to 256 [ 2742.121348] loop2: detected capacity change from 0 to 256 [ 2742.122440] FAULT_INJECTION: forcing a failure. [ 2742.122440] name failslab, interval 1, probability 0, space 0, times 0 [ 2742.124081] CPU: 1 UID: 0 PID: 16279 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2742.124111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2742.124124] Call Trace: [ 2742.124133] [ 2742.124142] dump_stack_lvl+0xfa/0x120 [ 2742.124175] should_fail_ex+0x4d7/0x5e0 [ 2742.124218] ? jbd2__journal_start+0x193/0x6b0 [ 2742.124242] should_failslab+0xc2/0x120 [ 2742.124280] kmem_cache_alloc_noprof+0x5f/0x470 [ 2742.124312] ? lock_is_held_type+0x9e/0x120 [ 2742.124343] jbd2__journal_start+0x193/0x6b0 [ 2742.124373] __ext4_journal_start_sb+0x325/0x5d0 [ 2742.124407] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2742.124439] ext4_convert_unwritten_extents+0x190/0x580 [ 2742.124471] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2742.124516] ext4_dio_write_end_io+0x13a/0x710 [ 2742.124545] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2742.124578] iomap_dio_complete+0x14d/0x9e0 [ 2742.124628] iomap_dio_rw+0x73/0xa0 [ 2742.124662] ext4_file_write_iter+0xe0b/0x1990 [ 2742.124712] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2742.124740] ? __kasan_kmalloc+0x7f/0x90 [ 2742.124762] ? trace_kmalloc+0x1f/0xb0 [ 2742.124783] ? __kmalloc_noprof+0x215/0x4b0 [ 2742.124811] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2742.124850] iter_file_splice_write+0x927/0x10c0 [ 2742.124905] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2742.125000] ? lock_is_held_type+0x9e/0x120 [ 2742.125021] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2742.125052] direct_splice_actor+0x192/0x7b0 [ 2742.125084] splice_direct_to_actor+0x347/0x9d0 [ 2742.125114] ? __pfx_direct_splice_actor+0x10/0x10 [ 2742.125149] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2742.125179] ? lock_acquire+0x15e/0x2f0 [ 2742.125211] do_splice_direct+0x179/0x250 [ 2742.125237] ? __pfx_do_splice_direct+0x10/0x10 [ 2742.125264] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2742.125296] ? security_file_permission+0x22/0x90 [ 2742.125329] do_sendfile+0xa8e/0xdc0 [ 2742.125369] ? __pfx_do_sendfile+0x10/0x10 [ 2742.125400] ? __fget_files+0x20d/0x3b0 [ 2742.125444] __x64_sys_sendfile64+0x1d3/0x210 [ 2742.125468] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2742.125505] do_syscall_64+0xbf/0x360 [ 2742.125533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2742.125557] RIP: 0033:0x7fe5d2196b19 [ 2742.125574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2742.125596] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2742.125617] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2742.125632] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2742.125646] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2742.125659] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2742.125672] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2742.125709] [ 2742.170545] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2742.177166] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2742.206801] FAT-fs (loop2): invalid media value (0x00) [ 2742.207313] FAT-fs (loop2): Can't find a valid FAT filesystem 09:31:54 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 3) 09:31:54 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 33) 09:31:54 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x400, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x11) mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x100000c, 0x4010, r0, 0xdf083000) ftruncate(r0, 0x0) [ 2742.254351] FAULT_INJECTION: forcing a failure. [ 2742.254351] name failslab, interval 1, probability 0, space 0, times 0 [ 2742.255484] CPU: 0 UID: 0 PID: 16285 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2742.255501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2742.255508] Call Trace: [ 2742.255513] [ 2742.255518] dump_stack_lvl+0xfa/0x120 [ 2742.255539] should_fail_ex+0x4d7/0x5e0 [ 2742.255562] ? __es_insert_extent+0xed2/0x1370 [ 2742.255577] should_failslab+0xc2/0x120 [ 2742.255597] kmem_cache_alloc_noprof+0x5f/0x470 [ 2742.255615] ? __pfx___es_remove_extent+0x10/0x10 [ 2742.255628] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2742.255647] __es_insert_extent+0xed2/0x1370 [ 2742.255672] ext4_es_insert_extent+0x4d0/0x1100 [ 2742.255694] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2742.255710] ? lock_acquire+0x15e/0x2f0 [ 2742.255723] ? ext4_map_blocks+0x569/0x15a0 [ 2742.255748] ? down_write+0x119/0x1f0 [ 2742.255762] ? __pfx_down_write+0x10/0x10 [ 2742.255774] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2742.255795] ext4_map_blocks+0x815/0x15a0 [ 2742.255817] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2742.255831] ? lock_is_held_type+0x9e/0x120 [ 2742.255847] ? jbd2__journal_start+0xf6/0x6b0 [ 2742.255869] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2742.255887] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2742.255903] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2742.255925] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2742.255941] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2742.255966] ext4_dio_write_end_io+0x13a/0x710 [ 2742.255981] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2742.255999] iomap_dio_complete+0x14d/0x9e0 [ 2742.256022] iomap_dio_rw+0x73/0xa0 [ 2742.256040] ext4_file_write_iter+0xe0b/0x1990 [ 2742.256065] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2742.256080] ? __kasan_kmalloc+0x7f/0x90 [ 2742.256092] ? trace_kmalloc+0x1f/0xb0 [ 2742.256105] ? __kmalloc_noprof+0x215/0x4b0 [ 2742.256120] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2742.256141] iter_file_splice_write+0x927/0x10c0 [ 2742.256168] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2742.256202] ? lock_is_held_type+0x9e/0x120 [ 2742.256214] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2742.256230] direct_splice_actor+0x192/0x7b0 [ 2742.256247] splice_direct_to_actor+0x347/0x9d0 [ 2742.256263] ? __pfx_direct_splice_actor+0x10/0x10 [ 2742.256283] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2742.256299] ? lock_acquire+0x15e/0x2f0 [ 2742.256316] do_splice_direct+0x179/0x250 [ 2742.256330] ? __pfx_do_splice_direct+0x10/0x10 [ 2742.256345] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2742.256362] ? security_file_permission+0x22/0x90 [ 2742.256380] do_sendfile+0xa8e/0xdc0 [ 2742.256402] ? __pfx_do_sendfile+0x10/0x10 [ 2742.256421] ? perf_trace_preemptirq_template+0x259/0x430 [ 2742.256446] __x64_sys_sendfile64+0x1d3/0x210 [ 2742.256459] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2742.256479] do_syscall_64+0xbf/0x360 [ 2742.256495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2742.256508] RIP: 0033:0x7f7b6ab9db19 [ 2742.256519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2742.256531] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2742.256543] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2742.256551] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2742.256558] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2742.256566] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2742.256573] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2742.256594] 09:31:54 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) 09:31:54 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 37) 09:31:54 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2742.383475] loop0: detected capacity change from 0 to 256 [ 2742.396573] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2742.401409] FAULT_INJECTION: forcing a failure. [ 2742.401409] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2742.402361] CPU: 0 UID: 0 PID: 16290 Comm: syz-executor.0 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2742.402377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2742.402385] Call Trace: [ 2742.402389] [ 2742.402395] dump_stack_lvl+0xfa/0x120 [ 2742.402414] should_fail_ex+0x4d7/0x5e0 [ 2742.402439] strncpy_from_user+0x3b/0x2f0 [ 2742.402458] getname_flags.part.0+0x8d/0x540 [ 2742.402476] getname_flags+0x95/0xe0 [ 2742.402493] __x64_sys_mknodat+0xa0/0xe0 [ 2742.402511] do_syscall_64+0xbf/0x360 [ 2742.402526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2742.402540] RIP: 0033:0x7f85ae2c3b19 [ 2742.402550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 09:31:54 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x30000) [ 2742.402562] RSP: 002b:00007f85ab839188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 2742.402574] RAX: ffffffffffffffda RBX: 00007f85ae3d6f60 RCX: 00007f85ae2c3b19 [ 2742.402582] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2742.402589] RBP: 00007f85ab8391d0 R08: 0000000000000000 R09: 0000000000000000 [ 2742.402596] R10: 0000000000000701 R11: 0000000000000246 R12: 0000000000000001 [ 2742.402603] R13: 00007ffcbc7d799f R14: 00007f85ab839300 R15: 0000000000022000 [ 2742.402622] [ 2742.442591] loop6: detected capacity change from 0 to 256 [ 2742.446280] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2742.464566] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2742.516291] FAULT_INJECTION: forcing a failure. [ 2742.516291] name failslab, interval 1, probability 0, space 0, times 0 [ 2742.518238] CPU: 1 UID: 0 PID: 16296 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2742.518268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2742.518282] Call Trace: [ 2742.518290] [ 2742.518299] dump_stack_lvl+0xfa/0x120 [ 2742.518331] should_fail_ex+0x4d7/0x5e0 [ 2742.518374] ? jbd2__journal_start+0x193/0x6b0 [ 2742.518399] should_failslab+0xc2/0x120 [ 2742.518436] kmem_cache_alloc_noprof+0x5f/0x470 [ 2742.518467] ? lock_is_held_type+0x9e/0x120 [ 2742.518498] jbd2__journal_start+0x193/0x6b0 [ 2742.518529] __ext4_journal_start_sb+0x325/0x5d0 [ 2742.518563] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2742.518595] ext4_convert_unwritten_extents+0x190/0x580 [ 2742.518627] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2742.518672] ext4_dio_write_end_io+0x13a/0x710 [ 2742.518700] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2742.518733] iomap_dio_complete+0x14d/0x9e0 [ 2742.518773] iomap_dio_rw+0x73/0xa0 [ 2742.518807] ext4_file_write_iter+0xe0b/0x1990 [ 2742.518852] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2742.518888] ? __kasan_kmalloc+0x7f/0x90 [ 2742.518910] ? trace_kmalloc+0x1f/0xb0 [ 2742.518931] ? __kmalloc_noprof+0x215/0x4b0 [ 2742.518959] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2742.518997] iter_file_splice_write+0x927/0x10c0 [ 2742.519045] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2742.519107] ? lock_is_held_type+0x9e/0x120 [ 2742.519128] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2742.519159] direct_splice_actor+0x192/0x7b0 [ 2742.519190] splice_direct_to_actor+0x347/0x9d0 [ 2742.519220] ? __pfx_direct_splice_actor+0x10/0x10 [ 2742.519256] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2742.519286] ? lock_acquire+0x15e/0x2f0 [ 2742.519317] do_splice_direct+0x179/0x250 [ 2742.519344] ? __pfx_do_splice_direct+0x10/0x10 [ 2742.519371] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2742.519407] ? security_file_permission+0x22/0x90 [ 2742.519439] do_sendfile+0xa8e/0xdc0 [ 2742.519479] ? __pfx_do_sendfile+0x10/0x10 [ 2742.519510] ? __fget_files+0x20d/0x3b0 [ 2742.519554] __x64_sys_sendfile64+0x1d3/0x210 [ 2742.519578] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2742.519615] do_syscall_64+0xbf/0x360 [ 2742.519643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2742.519666] RIP: 0033:0x7fe5d2196b19 [ 2742.519683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2742.519704] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2742.519725] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2742.519740] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2742.519753] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2742.519767] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2742.519781] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2742.519817] [ 2742.566097] loop2: detected capacity change from 0 to 256 [ 2742.607566] FAT-fs (loop2): invalid media value (0x00) [ 2742.608452] FAT-fs (loop2): Can't find a valid FAT filesystem 09:32:04 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 4) 09:32:04 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 38) 09:32:04 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x40000) 09:32:04 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 37) 09:32:04 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 1) 09:32:04 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000080)={0x600600, 0x60, 0x1}, 0x18) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)={0x0}) r2 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x1980, 0x100) r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r3, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000180)={r1, 0x1, r3, 0x800}) ftruncate(r0, 0x0) 09:32:04 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 34) 09:32:04 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2752.191779] loop0: detected capacity change from 0 to 256 [ 2752.197993] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2752.202211] FAULT_INJECTION: forcing a failure. [ 2752.202211] name failslab, interval 1, probability 0, space 0, times 0 [ 2752.203126] CPU: 1 UID: 0 PID: 16313 Comm: syz-executor.0 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2752.203143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2752.203151] Call Trace: [ 2752.203156] [ 2752.203161] dump_stack_lvl+0xfa/0x120 [ 2752.203180] should_fail_ex+0x4d7/0x5e0 [ 2752.203205] should_failslab+0xc2/0x120 [ 2752.203226] kmem_cache_alloc_lru_noprof+0x73/0x460 [ 2752.203243] ? lock_release+0xc8/0x290 [ 2752.203256] ? lock_is_held_type+0x9e/0x120 [ 2752.203268] ? __d_alloc+0x31/0xa10 [ 2752.203292] __d_alloc+0x31/0xa10 [ 2752.203313] d_alloc+0x4a/0x1e0 [ 2752.203333] lookup_one_qstr_excl+0x174/0x270 [ 2752.203347] ? mnt_want_write+0x153/0x420 [ 2752.203364] filename_create+0x1ca/0x480 [ 2752.203381] ? __pfx_filename_create+0x10/0x10 [ 2752.203396] ? lock_release+0xc8/0x290 [ 2752.203412] ? __virt_addr_valid+0x100/0x5d0 [ 2752.203434] do_mknodat+0x1d4/0x560 [ 2752.203454] ? __pfx_do_mknodat+0x10/0x10 [ 2752.203470] ? getname_flags.part.0+0x1c6/0x540 [ 2752.203489] __x64_sys_mknodat+0xb0/0xe0 [ 2752.203508] do_syscall_64+0xbf/0x360 [ 2752.203523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2752.203536] RIP: 0033:0x7f85ae2c3b19 [ 2752.203545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2752.203557] RSP: 002b:00007f85ab839188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 2752.203569] RAX: ffffffffffffffda RBX: 00007f85ae3d6f60 RCX: 00007f85ae2c3b19 [ 2752.203577] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2752.203584] RBP: 00007f85ab8391d0 R08: 0000000000000000 R09: 0000000000000000 [ 2752.203591] R10: 0000000000000701 R11: 0000000000000246 R12: 0000000000000001 [ 2752.203599] R13: 00007ffcbc7d799f R14: 00007f85ab839300 R15: 0000000000022000 [ 2752.203618] [ 2752.232811] loop2: detected capacity change from 0 to 288 09:32:04 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 5) [ 2752.242458] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2752.243591] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2752.244320] FAT-fs (loop2): Filesystem has been set read-only [ 2752.295821] FAULT_INJECTION: forcing a failure. [ 2752.295821] name failslab, interval 1, probability 0, space 0, times 0 [ 2752.296858] CPU: 1 UID: 0 PID: 16323 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2752.296879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2752.296887] Call Trace: [ 2752.296892] [ 2752.296897] dump_stack_lvl+0xfa/0x120 [ 2752.296915] should_fail_ex+0x4d7/0x5e0 [ 2752.296941] ? ext4_find_extent+0x7f5/0xa00 [ 2752.296953] should_failslab+0xc2/0x120 [ 2752.296973] __kmalloc_noprof+0xb4/0x4b0 [ 2752.296996] ext4_find_extent+0x7f5/0xa00 [ 2752.297013] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2752.297036] ? unwind_next_frame+0x3bc/0x2540 [ 2752.297061] ? do_syscall_64+0xbf/0x360 [ 2752.297076] ? perf_trace_lock_acquire+0xc9/0x700 [ 2752.297091] ? perf_trace_lock_acquire+0xc9/0x700 [ 2752.297108] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2752.297131] ? lock_acquire+0x15e/0x2f0 [ 2752.297143] ? ext4_map_blocks+0x569/0x15a0 [ 2752.297167] ? down_write+0x119/0x1f0 [ 2752.297181] ? __pfx_down_write+0x10/0x10 [ 2752.297193] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2752.297214] ext4_map_blocks+0x630/0x15a0 [ 2752.297236] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2752.297250] ? lock_is_held_type+0x9e/0x120 [ 2752.297267] ? jbd2__journal_start+0xf6/0x6b0 [ 2752.297284] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2752.297302] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2752.297319] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2752.297336] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2752.297352] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2752.297377] ext4_dio_write_end_io+0x13a/0x710 [ 2752.297392] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2752.297410] iomap_dio_complete+0x14d/0x9e0 [ 2752.297433] iomap_dio_rw+0x73/0xa0 [ 2752.297451] ext4_file_write_iter+0xe0b/0x1990 [ 2752.297476] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2752.297491] ? __kasan_kmalloc+0x7f/0x90 [ 2752.297503] ? trace_kmalloc+0x1f/0xb0 [ 2752.297514] ? __kmalloc_noprof+0x215/0x4b0 [ 2752.297530] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2752.297551] iter_file_splice_write+0x927/0x10c0 [ 2752.297577] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2752.297611] ? lock_is_held_type+0x9e/0x120 [ 2752.297622] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2752.297639] direct_splice_actor+0x192/0x7b0 [ 2752.297656] splice_direct_to_actor+0x347/0x9d0 [ 2752.297672] ? __pfx_direct_splice_actor+0x10/0x10 [ 2752.297691] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2752.297712] ? lock_acquire+0x15e/0x2f0 [ 2752.297728] do_splice_direct+0x179/0x250 [ 2752.297743] ? __pfx_do_splice_direct+0x10/0x10 [ 2752.297757] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2752.297774] ? security_file_permission+0x22/0x90 [ 2752.297792] do_sendfile+0xa8e/0xdc0 [ 2752.297815] ? __pfx_do_sendfile+0x10/0x10 [ 2752.297831] ? __fget_files+0x20d/0x3b0 [ 2752.297856] __x64_sys_sendfile64+0x1d3/0x210 [ 2752.297869] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2752.297888] do_syscall_64+0xbf/0x360 [ 2752.297903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2752.297916] RIP: 0033:0x7fe5d2196b19 [ 2752.297926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2752.297937] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2752.297949] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2752.297957] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2752.297964] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2752.297972] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2752.297979] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2752.297999] [ 2752.324370] EXT4-fs warning (device sda): ext4_convert_unwritten_extents:4936: inode #16055: block 0: len 16: ext4_ext_map_blocks returned -12 09:32:04 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2752.348801] loop6: detected capacity change from 0 to 256 [ 2752.361657] loop0: detected capacity change from 0 to 256 [ 2752.371657] FAULT_INJECTION: forcing a failure. [ 2752.371657] name failslab, interval 1, probability 0, space 0, times 0 [ 2752.373836] CPU: 0 UID: 0 PID: 16325 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2752.373874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2752.373888] Call Trace: [ 2752.373896] [ 2752.373906] dump_stack_lvl+0xfa/0x120 [ 2752.373939] should_fail_ex+0x4d7/0x5e0 [ 2752.373982] ? ext4_init_io_end+0x27/0x180 [ 2752.374006] should_failslab+0xc2/0x120 [ 2752.374042] kmem_cache_alloc_noprof+0x5f/0x470 [ 2752.374076] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2752.374108] ext4_init_io_end+0x27/0x180 [ 2752.374133] ext4_do_writepages+0xaa4/0x3230 [ 2752.374201] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2752.374248] ? lock_is_held_type+0x9e/0x120 [ 2752.374277] ext4_writepages+0x369/0x7a0 [ 2752.374311] ? __pfx_ext4_writepages+0x10/0x10 [ 2752.374342] ? __pfx_perf_trace_lock+0x10/0x10 [ 2752.374386] ? lock_release+0xc8/0x290 [ 2752.374413] ? do_raw_spin_unlock+0x53/0x220 [ 2752.374442] ? __pfx_ext4_writepages+0x10/0x10 [ 2752.374477] do_writepages+0x244/0x5c0 [ 2752.374511] filemap_fdatawrite_wbc+0x10b/0x150 [ 2752.374535] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 2752.374575] __filemap_fdatawrite_range+0xb9/0x100 [ 2752.374608] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2752.374692] ? jbd2_journal_stop+0x184/0xe20 [ 2752.374722] ? __pfx_ext4_orphan_del+0x10/0x10 [ 2752.374765] file_write_and_wait_range+0xcc/0x140 [ 2752.374804] ext4_sync_file+0x2eb/0xe30 [ 2752.374837] ? __pfx_ext4_sync_file+0x10/0x10 [ 2752.374871] vfs_fsync_range+0x13d/0x230 [ 2752.374907] iomap_dio_complete+0x6b8/0x9e0 [ 2752.374947] iomap_dio_rw+0x73/0xa0 [ 2752.374981] ext4_file_write_iter+0xe0b/0x1990 [ 2752.375027] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2752.375055] ? __kasan_kmalloc+0x7f/0x90 [ 2752.375077] ? trace_kmalloc+0x1f/0xb0 [ 2752.375097] ? __kmalloc_noprof+0x215/0x4b0 [ 2752.375126] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2752.375162] iter_file_splice_write+0x927/0x10c0 [ 2752.375218] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2752.375280] ? lock_is_held_type+0x9e/0x120 [ 2752.375301] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2752.375332] direct_splice_actor+0x192/0x7b0 [ 2752.375364] splice_direct_to_actor+0x347/0x9d0 [ 2752.375393] ? __pfx_direct_splice_actor+0x10/0x10 [ 2752.375429] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2752.375459] ? lock_acquire+0x15e/0x2f0 [ 2752.375489] do_splice_direct+0x179/0x250 [ 2752.375515] ? __pfx_do_splice_direct+0x10/0x10 [ 2752.375543] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2752.375574] ? security_file_permission+0x22/0x90 [ 2752.375607] do_sendfile+0xa8e/0xdc0 [ 2752.375647] ? __pfx_do_sendfile+0x10/0x10 [ 2752.375682] ? perf_trace_preemptirq_template+0x259/0x430 [ 2752.375727] __x64_sys_sendfile64+0x1d3/0x210 [ 2752.375751] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2752.375788] do_syscall_64+0xbf/0x360 [ 2752.375816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2752.375839] RIP: 0033:0x7f85c6477b19 [ 2752.375857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2752.375879] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2752.375901] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2752.375916] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2752.375929] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2752.375943] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2752.375956] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2752.375993] [ 2752.377009] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2752.388227] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2752.459332] FAULT_INJECTION: forcing a failure. 09:32:04 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 35) [ 2752.459332] name failslab, interval 1, probability 0, space 0, times 0 [ 2752.462204] CPU: 0 UID: 0 PID: 16332 Comm: syz-executor.6 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2752.462240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2752.462255] Call Trace: [ 2752.462264] [ 2752.462275] dump_stack_lvl+0xfa/0x120 [ 2752.462311] should_fail_ex+0x4d7/0x5e0 [ 2752.462358] ? getname_flags.part.0+0x48/0x540 [ 2752.462386] should_failslab+0xc2/0x120 [ 2752.462427] kmem_cache_alloc_noprof+0x5f/0x470 [ 2752.462473] getname_flags.part.0+0x48/0x540 [ 2752.462507] getname_flags+0x95/0xe0 [ 2752.462543] __x64_sys_mknodat+0xa0/0xe0 [ 2752.462581] do_syscall_64+0xbf/0x360 [ 2752.462612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2752.462639] RIP: 0033:0x7f8322c6fb19 [ 2752.462659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2752.462683] RSP: 002b:00007f83201c4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 2752.462708] RAX: ffffffffffffffda RBX: 00007f8322d83020 RCX: 00007f8322c6fb19 [ 2752.462725] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffffff [ 2752.462741] RBP: 00007f83201c41d0 R08: 0000000000000000 R09: 0000000000000000 [ 2752.462756] R10: 000000000000070d R11: 0000000000000246 R12: 0000000000000001 [ 2752.462772] R13: 00007ffd0a5a2cbf R14: 00007f83201c4300 R15: 0000000000022000 [ 2752.462812] 09:32:04 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)) ftruncate(r1, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000) ioctl$BTRFS_IOC_RM_DEV(r0, 0x5000940b, &(0x7f0000000400)={{r2}, "908274180f59bc22b5cc7df4cd9db101214867697cdb584a4c9d5eef7b198ac5f49e1afb8e6b28b9503c707394352268fedf9c15f57728f342c94f93488271ef196c924cd167c568958c76a6a33042fc6270eebc629e0b3676971a541ca97a42342a30e2049a88ec25d0aafd66a3bc38e379e0d0860eefb1b376786e65f253703a739ebeac1f94ad074e8b0b42ff4181145c3c385305cdfe83d2be9f5c266432a023c6db2287dfada688081686c438c3f02d9ad6776845b2bf5b03cbcad7bc51d4c918c127775232f81763d979f8827288639e5c21e41721080d409d06edf6f3ea45c6aac82f6cac2c22d0676035cc89795972dc1846426a618309e0dd7ecdc1579215f989652c8e3858e73d161c1a3ba3b449b8034a44ad1aa216384ae5c9d9c048d548383d320fc8bd33c4b5e9867c3211490759ae31f6d9e3a72c58f4f750b42507ae1b91f46dba42c256833fb1c0f8363bd18b4906c3832af35603a2802ecc6a24784c73e98d7032e3f37c5a0e1f41c32d51f6984126cc2879140b2a553b19210721b4c01cddfdb169cfe2cc867c54b6052c3d5d9292881d46adef501ce3a29ccd649b92d442602c356bcd43edc4bf534dfb88c53066692a71d8d0a8224011bc712505139c28efb9d9ab424c0ecb3f495b4760c753d65075024b2c5c9c8000dee7b215d0707672f57ea501a3f2a0ede7c36a83ee9ef9c07293f47d106ce05ff50827bea0acd073ec66bb8dbac11fbab8cfafd77c1c24cc92c56fa7cc47800bf4ea4035a6487b1cb2747548e56de084c9ad8b31c50b0ed3957dd0ccf7e3e96bac53f1e28e7e77252b20582f7cd121a273f22a4cc2370cf9e471b57c691141426d4e4a2a476bbb8f011fc0f3b4a3a17734d4a054a4bd352bce215e0d062002be5cbebcbc1e5192623d9b0d492e93541bb636fd99dcb45ea74c45b25253bc9fe9e702d69303c5281fffc4e9de314d7e5491583003a7c94bd97a805114478621eeef35519610b156361428d77b8ce005baf28df734f5c4509e68283e9d95bc483fde080766f5745b25dc81444b6ddeb1dc3d173ab7e2cef3483194dbcb65d692c4b4c3e5f2639c4481c98819b8b5d45c0ef9cc808f03526b2c77b831934a0b96e9d37af7272aae153b2f6c3e672a3fd0e3aa500b244cc751885c4f7b623ed958264b7476bb9e713730a4fcdd0699805d42de886c3724f9e0fb2e0bfdd7fd3d29b4b86c7b9079507065e12188d197a4b5f58c2552956ff4865da6396aa6bd8e64ea4c7c0cde87b385f25e93d648938252140763186bee142b750a69f402417e47792264518e8e496ea169a3c8f10314b5d624b88d209ac649531255c78b5e601ae9780aa4a3ec353a7dbc6efcac2367c7e51c412bead8367d7eaf283302d0c8fa26c21341b850d2c20108370a0b231211ff440b4565f987fc786c8a70956751804daaa2b3cd8c242f207d9c621eb82a95e511af4baa23c9066ff2a158c1daf6e5197f1ed1932c2b41250622fa7ea1154bdf441adabe7b01ff8b3e7b989a04aa40aeca5c65dc95c33a470701511e55dfc640e9b5f765599732a9c3997aee727adf534b05460ce4f56dcc61ea99b8981cf8e2846843f8ad9d1c022a51c9551917b0a9e0cc5af8ddea1038d21b824f149e122d98d7aed2e995871b6f2f60cd2b7deefe68f845a7ea663a5796629970d36321ba6c4db113c69b4352131f203103455722256ee3d58b55564a72d3497c2f00d74ebd195e49602160099f1b7c03cc252523a3d8fe4a3b6b99bb1abd72619525e3b05cbfad1d6daf790f46ba895ec8c3fbf8011b9e492b22a7fc3c5668a2e2e6a512a6daa55b96d7fea9a0cfb1aaa4da18851b63465c5c79ff1a97ca1ce5a2e0b1d8a67753c7587ccaa94e44bf903bea542ae74c81cf32d726db0c82c60678b6877dc6051448aa890b6bdbe2ccb7f4e7a47a03cfa85a019e19fb32dd5130c2ce88d91fcb954a5e4f21e485937ee3c42e05cb5c7b906ea6c3d94c6f69b9f395e9fb5afaecf1a7c02f736c884d7ec1286cc55ea10e924c4320c52b174d35f94e88c0cc87d4306aa1ca626962943996aefd17da26e7de2a64360025749cf0b7d5b83be347770352c912b3fc84dd79070a93eb24cbcaf7e5fce614be9c756410851f3a2d87bc44ed5f67e0a3240ebfb4e0dc9e0615ae4e3b67db51e2b20fac8c737d9920b18f3b39107475b95104e2c702fdcf1e1c4b7d9290d055bb189d7bd4116cbf35c6474d1e92d9f8af43cbccedad9d0673ebe830a3991b7ed2e15950e3a24ce999352db17b572f5092657c182e57f904322079d2a06cd9a989083e0185e18acdb52a4e7acb24070d0b9c8b9e2c26a8e808f7f15fc175a07527077f1120f9100d49e636390b6fa64e17c80804be9dd597c5b760c8866afa767a6eda6bd3a0efacaf149873ebe476ca89c4913ba7742edc0bd2cee014600f97c454fc4dd2b3a6df9c426adf8bc881392b763df209cf86611bb0a170e13dd94b8518062c8da51dc083fb799ce07b840184edfc438f8d731ea226cd642e5399be7606be7f931702970b53c6c214d6ab2e6401d240afd2cba0bf8f9464c78e66bfe88d9a8011c7da4c8d377b94ddb4f0d9f4d794a048fa3790630ec49189892c94136cb62d6112904d633299069d52132ac58c6bb819a79e45ebb5d476dc9dfe2b8de9ce1efa14fd0caa0cc5d468786b834958b9e8a65ffa0fe81871abd6442322a5d6b970410cd8808e804ab8b83e3f4ac36cc7104c0a4e3af59668056ce396825a998f0e7d7425535ecbcba8730f7566525d3a9160bb446aaf7ebcf3758afd71fd6616c2fe76fd07fbd768183f6481f41c57d2df1100b8723b17d2d9864ea1cda895303087f3cae15b08a2493011b046d3d296c755fa6a7b62928ec5e00141b019d122f692184d40a577563705f8b602210b40552d902fdcbef231f1264bd7d1a201f28916670daee73793e62dda416344c507a18aa4b3fe17572e6091c4c8ae756a3ba526683464172052b2f0f06acfb9222c6a0e3eb197621180d46d79a3f6dcd439f82b9741bef67bf10d865112b87d91cb9521f8e31b29f68a586439ce269ce7d48efa131e2fd530668f3db03cd36671a2a61ede134b6c77b1ee52d3bc122b1dbdaab399f4e7702247e35d9c3329e8d7b2bd6677785773d79d6c154db8fe6e905fbf72ea89fa95fef987177d97090e880543e8a65e06ffec36298ee0daa9fb9c69f2d9220e02587151de482d9db895b19aeece5d8b9098bbd129b32b872bb4ad3d6a6845a61a8ffb067aaa56ccca74ab0dca6bc0f4591273586b9814907a571d581208d470cb1f29d2bdb9a8840348e0f3fc589cc9285f89a775240725c67c4af19547a86537fa90f40fdc15c54c9c72aeca329a86d78ae58480068aaee1d578a1bf8210d6bcea29d395ab19a808f7af14e9caf637004e8bdfb99bed11fa451711dc5dfc447152a48a670c5512c3fd31881c8831a3823d9ac1ef196a4550401c9f04b9af2c767e057d4e4165fd819f97d5d65151dee09d449924815bc7c012b6f6add16384236439ac05e480d102572879051f6df9721306a9d0cc3b9f3ddfc8f94650c127ed864aa5ee68ce2a9e16c2acb5fd275d0498c077bec1dfaff85225bf1762f4b0e95b646444382991da89ef3f9e25adaf56984bee7b04a7c8c9318b6d0b4168c8f0317a8c98d01909add129fd6a13c146abe3f102590c5a752d9878117bef237e243101d2d886d54ef8981212478fb223c7c98856d5101dc5df1dbe6940e380da2b4fe01c8a79bc8dcfec15cdcf50b1ed94af1c1afae083ea4a0aea382b50d7a51f37e1720d93dd5155c04cb99c8110fb5bc980051c2cd404882d39d6ae84bc95bba28f4cb2df8439fe726c87ad426a468e87ffdaebc8e45bd955d88f006e9210d45b8e511f7694144551dd4b17a5b57fad19ee91113fb2a66dea2bb674183e9ccfa27996e780090e06af826e1725630c93643838f7c224e056bbd36d604ef10fcd26e0a4d45af40897cf04e2258fdb4c24c1f8d07992f127006be8aeb189aea7445492d306f89cb1d75237cf56b29f6ec7dc67a41a78aac304493a1cd68c22c49f1d34d04b86aa120bde3266e0d87ab316e0022a86040e0003a6d67c7b8c35ccb3c2cf02002bdde73a8a2a89d401d8daec9fa74cb49f0936e4ed4528d6a4c07c0cbe81dad3a26586322bfde791c71a0005a9df569614b8a4cda0b1e10044e647f6ecbd8fe131f220a0fbdb0409480a941fa02610523c8e650f76142b0abe182730b85b94850470ed53886ac159f7a6935f5f3a47ed0d878f595c62baa914e927d151a4569d665175a49f72473ea5bcc0da6a6368af51c5594e234e8628c651d98a99e286795dbfa67fed90aabfb22cd1ac11bf04263022b41b4ec6b1b48913ffb05d6dfeb4f963f47f29e5eecd1f8320bb4bfd629f4198d9919f4c7d1f17d98df51282560ce9a249d9c6f6f019fee9265d6094f3922a36a265309d4ac9d489640e7a444763af95e98af2e575a2283c8b65ffb14b07a8f4a619c6f836ca3cc9c80b672b3f1dcea8b6080deaaf3b98ea6b5ffec0dbe72e18921eab3c79d6b5463f31077bb8dc6b63b13ce0b2f970b268ae107e4392a0fef7d13e5f641ce7892236e300bdb1890fc95e522544e37bbbacadd64dd2567508eebbf73ec19512319dc5cb40d247dacb5edc4fa615ff3bb91045f05257c082726bdaa3dd7521ccfb3b77626ab61548348bc4cbbbabfcc8930de0618a73cd4f5eb899fc587c911952c3012c3b63df7bba456706f99ade566a08c0199fef7e3d67a0d1dfaadf59060bbc52c234e1e4e2a8509f88130e64a382246df22d4a7a1831caf804ad33563f0a0db74d3d04694d8633ce726913c3d9a521ad25074abed955d6965473a197fe51d081e0f7d2b744a35acbf950954fe86aab91a5730b46b7c892ac004329c13b5d5c898894ce0b619141247051111d5151685c1f333101bceb6c6657135c2e86a67f1c71e08143be7de6325c69e9381dbf640fd58b4d72509345ad4b974d1b873c38b86b5828a6f9da8f21e6f525535d2c31a26eab96685c936f2c7c0188164322010632ade239f274930bd57fe17f6ad7905a17897a0951d69a9a3bdfe7b5bae1ba3e98bc1ef9d1bf4c0c22661ad688bfe52261678251ec02499fc468b343f24091d912bdf58de58fdc457152f21efec2cc96bc269d9136a8019fc2d799362bf45caf06d4b4c4d7d8d84ae69458f2086cdcbac90c422a9a703b4e1c381bc74ceca5d20b9205ffb73d4a55bf39616fb681718cccdd5972f9dc7ceb6a46ceb566c2f7a1a327c918305a116c73f63342bf2583b9e91d8860369733a6550e9bdbf2dab577d7647b95b152d4f6583d88ff57c232e41b222b88ecb22400f855a0b375e6876f7601cb6a41f84a4dbb364689b372a798b72c330fd4116cadcc236efb08a36c63aaea6373d3c044ab0c2ffaf8c9acd1128575408238e946d16b3a9bc9088d0d745bd53a04181b34ecc07fc36270678f908b6b139302c07a444ae4fb2c072685b16233af5d1c4bde9845da67effd0286812c697e78ff51698023e774be1a3a3a2e00733ce5c5c16ccd5a6dd362c938d5bd397aa103229071d4a262267144cb6d09f52decbde5dfd84148b616723255acbe71fa114266580f29009f93687b73d434c0adc23c1b4a7c05ff78aa71378b2fe9cfeea1e24afa531519a64d724dcdddd0f7ee87d6e76a65a51068d274811388da7e222254eb87e9286afad48750274312dceeda6f2c477e1e50"}) [ 2752.534460] FAULT_INJECTION: forcing a failure. [ 2752.534460] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2752.535561] CPU: 1 UID: 0 PID: 16338 Comm: syz-executor.0 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2752.535578] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2752.535586] Call Trace: [ 2752.535591] [ 2752.535596] dump_stack_lvl+0xfa/0x120 [ 2752.535616] should_fail_ex+0x4d7/0x5e0 [ 2752.535641] _copy_from_user+0x30/0xd0 [ 2752.535658] kstrtouint_from_user+0xbd/0x180 [ 2752.535677] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 2752.535696] ? __lock_acquire+0xc65/0x1b70 [ 2752.535720] proc_fail_nth_write+0x7c/0x250 [ 2752.535739] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 2752.535759] ? lock_is_held_type+0x9e/0x120 [ 2752.535775] vfs_write+0x2b7/0x10c0 [ 2752.535791] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 2752.535813] ? __pfx_vfs_write+0x10/0x10 [ 2752.535831] ? lock_release+0xc8/0x290 [ 2752.535847] ? __fget_files+0x20d/0x3b0 [ 2752.535877] ksys_write+0x121/0x240 [ 2752.535894] ? __pfx_ksys_write+0x10/0x10 [ 2752.535918] do_syscall_64+0xbf/0x360 [ 2752.535934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2752.535947] RIP: 0033:0x7f85ae2765ff [ 2752.535957] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2752.535969] RSP: 002b:00007f85ab818170 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2752.535980] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f85ae2765ff [ 2752.535988] RDX: 0000000000000001 RSI: 00007f85ab8181e0 RDI: 0000000000000005 [ 2752.535996] RBP: 00007f85ab8181d0 R08: 0000000000000000 R09: 0000000000000000 [ 2752.536004] R10: 0000000000000701 R11: 0000000000000293 R12: 0000000000000001 [ 2752.536011] R13: 00007ffcbc7d799f R14: 00007f85ab818300 R15: 0000000000022000 [ 2752.536031] [ 2752.605291] loop2: detected capacity change from 0 to 288 09:32:05 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x50000) 09:32:05 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 2) [ 2752.642308] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2752.653676] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2752.654329] FAT-fs (loop2): Filesystem has been set read-only 09:32:05 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) 09:32:05 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 38) 09:32:05 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 39) [ 2752.744592] loop6: detected capacity change from 0 to 256 [ 2752.803588] FAULT_INJECTION: forcing a failure. [ 2752.803588] name failslab, interval 1, probability 0, space 0, times 0 [ 2752.804633] CPU: 1 UID: 0 PID: 16348 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2752.804650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2752.804659] Call Trace: [ 2752.804664] [ 2752.804669] dump_stack_lvl+0xfa/0x120 [ 2752.804690] should_fail_ex+0x4d7/0x5e0 [ 2752.804718] ? jbd2__journal_start+0x193/0x6b0 [ 2752.804732] should_failslab+0xc2/0x120 [ 2752.804753] kmem_cache_alloc_noprof+0x5f/0x470 [ 2752.804770] ? lock_is_held_type+0x9e/0x120 [ 2752.804790] jbd2__journal_start+0x193/0x6b0 [ 2752.804809] __ext4_journal_start_sb+0x325/0x5d0 [ 2752.804828] ? ext4_dio_write_end_io+0x2ba/0x710 [ 2752.804843] ? lock_is_held_type+0x9e/0x120 [ 2752.804857] ext4_dio_write_end_io+0x2ba/0x710 [ 2752.804878] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2752.804895] iomap_dio_complete+0x14d/0x9e0 [ 2752.804918] iomap_dio_rw+0x73/0xa0 [ 2752.804937] ext4_file_write_iter+0xe0b/0x1990 [ 2752.804962] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2752.804977] ? __kasan_kmalloc+0x7f/0x90 [ 2752.804989] ? trace_kmalloc+0x1f/0xb0 [ 2752.805001] ? __kmalloc_noprof+0x215/0x4b0 [ 2752.805017] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2752.805037] iter_file_splice_write+0x927/0x10c0 [ 2752.805072] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2752.805106] ? lock_is_held_type+0x9e/0x120 [ 2752.805117] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2752.805134] direct_splice_actor+0x192/0x7b0 [ 2752.805151] splice_direct_to_actor+0x347/0x9d0 [ 2752.805167] ? __pfx_direct_splice_actor+0x10/0x10 [ 2752.805186] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2752.805202] ? lock_acquire+0x15e/0x2f0 [ 2752.805220] do_splice_direct+0x179/0x250 [ 2752.805234] ? __pfx_do_splice_direct+0x10/0x10 [ 2752.805249] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2752.805266] ? security_file_permission+0x22/0x90 [ 2752.805284] do_sendfile+0xa8e/0xdc0 [ 2752.805307] ? __pfx_do_sendfile+0x10/0x10 [ 2752.805324] ? __fget_files+0x20d/0x3b0 [ 2752.805349] __x64_sys_sendfile64+0x1d3/0x210 [ 2752.805362] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2752.805382] do_syscall_64+0xbf/0x360 [ 2752.805398] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2752.805412] RIP: 0033:0x7f7b6ab9db19 [ 2752.805422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2752.805434] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2752.805446] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2752.805455] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2752.805463] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2752.805471] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2752.805478] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2752.805499] [ 2752.806026] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2752.862603] loop0: detected capacity change from 0 to 256 [ 2752.897581] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2752.924222] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:18 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 40) 09:32:18 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 3) 09:32:18 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 36) 09:32:18 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)={0x0}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x5, &(0x7f0000000080)=[{0x2, 0x4, 0x80, 0x6}, {0x5, 0x0, 0x9, 0xcefb}, {0x7ff, 0x2, 0x5, 0x4}, {0x4, 0x2, 0xfe, 0x7}, {0x8d, 0x8, 0x5, 0x8000}]}) r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r3, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$LOOP_SET_FD(r3, 0x4c00, r4) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r2, 0x0, r1, 0x80, 0x80000}) ftruncate(r1, 0x0) 09:32:18 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:32:18 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 39) 09:32:18 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:32:18 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x60000) [ 2765.803465] loop2: detected capacity change from 0 to 288 [ 2765.832695] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2765.845621] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2765.846320] FAT-fs (loop2): Filesystem has been set read-only [ 2765.848094] loop6: detected capacity change from 0 to 256 [ 2765.856747] loop0: detected capacity change from 0 to 256 [ 2765.874241] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2765.875257] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2765.902834] FAULT_INJECTION: forcing a failure. [ 2765.902834] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2765.905086] CPU: 0 UID: 0 PID: 16376 Comm: syz-executor.6 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2765.905119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2765.905134] Call Trace: [ 2765.905142] [ 2765.905151] dump_stack_lvl+0xfa/0x120 [ 2765.905184] should_fail_ex+0x4d7/0x5e0 [ 2765.905245] strncpy_from_user+0x3b/0x2f0 [ 2765.905280] getname_flags.part.0+0x8d/0x540 [ 2765.905315] FAULT_INJECTION: forcing a failure. [ 2765.905315] name failslab, interval 1, probability 0, space 0, times 0 [ 2765.905312] getname_flags+0x95/0xe0 [ 2765.905347] __x64_sys_mknodat+0xa0/0xe0 [ 2765.905382] do_syscall_64+0xbf/0x360 [ 2765.905411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2765.905435] RIP: 0033:0x7f8322c6fb19 [ 2765.905453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2765.905476] RSP: 002b:00007f83201e5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 2765.905499] RAX: ffffffffffffffda RBX: 00007f8322d82f60 RCX: 00007f8322c6fb19 [ 2765.905515] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2765.905529] RBP: 00007f83201e51d0 R08: 0000000000000000 R09: 0000000000000000 [ 2765.905543] R10: 000000000000070d R11: 0000000000000246 R12: 0000000000000001 [ 2765.905557] R13: 00007ffd0a5a2cbf R14: 00007f83201e5300 R15: 0000000000022000 [ 2765.905593] [ 2765.916810] CPU: 1 UID: 0 PID: 16379 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2765.916828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2765.916837] Call Trace: [ 2765.916843] [ 2765.916849] dump_stack_lvl+0xfa/0x120 [ 2765.916875] should_fail_ex+0x4d7/0x5e0 [ 2765.916900] ? ext4_init_io_end+0x27/0x180 [ 2765.916914] should_failslab+0xc2/0x120 [ 2765.916935] kmem_cache_alloc_noprof+0x5f/0x470 [ 2765.916955] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2765.916973] ext4_init_io_end+0x27/0x180 [ 2765.916987] ext4_do_writepages+0xaa4/0x3230 [ 2765.917024] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2765.917049] ? lock_is_held_type+0x9e/0x120 [ 2765.917069] ext4_writepages+0x369/0x7a0 [ 2765.917088] ? __pfx_ext4_writepages+0x10/0x10 [ 2765.917105] ? __pfx_perf_trace_lock+0x10/0x10 [ 2765.917129] ? lock_release+0xc8/0x290 [ 2765.917144] ? do_raw_spin_unlock+0x53/0x220 [ 2765.917160] ? __pfx_ext4_writepages+0x10/0x10 [ 2765.917179] do_writepages+0x244/0x5c0 [ 2765.917205] filemap_fdatawrite_wbc+0x10b/0x150 [ 2765.917219] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 2765.917242] __filemap_fdatawrite_range+0xb9/0x100 [ 2765.917260] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2765.917278] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2765.917324] ? jbd2_journal_stop+0x184/0xe20 [ 2765.917340] ? __pfx_ext4_orphan_del+0x10/0x10 [ 2765.917364] file_write_and_wait_range+0xcc/0x140 [ 2765.917384] ext4_sync_file+0x2eb/0xe30 [ 2765.917402] ? __pfx_ext4_sync_file+0x10/0x10 [ 2765.917421] vfs_fsync_range+0x13d/0x230 [ 2765.917442] iomap_dio_complete+0x6b8/0x9e0 [ 2765.917464] iomap_dio_rw+0x73/0xa0 [ 2765.917483] ext4_file_write_iter+0xe0b/0x1990 [ 2765.917508] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2765.917524] ? __kasan_kmalloc+0x7f/0x90 [ 2765.917536] ? trace_kmalloc+0x1f/0xb0 [ 2765.917547] ? __kmalloc_noprof+0x215/0x4b0 [ 2765.917563] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2765.917583] iter_file_splice_write+0x927/0x10c0 [ 2765.917609] ? __pfx_iter_file_splice_write+0x10/0x10 09:32:18 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 40) [ 2765.917643] ? lock_is_held_type+0x9e/0x120 [ 2765.917655] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2765.917671] direct_splice_actor+0x192/0x7b0 [ 2765.917689] splice_direct_to_actor+0x347/0x9d0 [ 2765.917705] ? __pfx_direct_splice_actor+0x10/0x10 [ 2765.917726] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2765.917743] ? lock_acquire+0x15e/0x2f0 [ 2765.917759] do_splice_direct+0x179/0x250 [ 2765.917774] ? __pfx_do_splice_direct+0x10/0x10 [ 2765.917789] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2765.917806] ? security_file_permission+0x22/0x90 [ 2765.917824] do_sendfile+0xa8e/0xdc0 [ 2765.917847] ? __pfx_do_sendfile+0x10/0x10 [ 2765.917864] ? __fget_files+0x20d/0x3b0 [ 2765.917889] __x64_sys_sendfile64+0x1d3/0x210 [ 2765.917901] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2765.917922] do_syscall_64+0xbf/0x360 [ 2765.917938] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:32:18 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f0000000000)='./file0\x00', 0xaa) ftruncate(r0, 0x0) [ 2765.917951] RIP: 0033:0x7f85c6477b19 [ 2765.917962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2765.917974] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2765.917986] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2765.917995] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2765.918002] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2765.918010] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2765.918017] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2765.918037] [ 2765.923767] FAULT_INJECTION: forcing a failure. [ 2765.923767] name failslab, interval 1, probability 0, space 0, times 0 [ 2765.973126] CPU: 0 UID: 0 PID: 16377 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2765.973161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2765.973175] Call Trace: [ 2765.973184] [ 2765.973204] dump_stack_lvl+0xfa/0x120 [ 2765.973237] should_fail_ex+0x4d7/0x5e0 [ 2765.973280] ? __es_insert_extent+0xed2/0x1370 [ 2765.973306] should_failslab+0xc2/0x120 [ 2765.973343] kmem_cache_alloc_noprof+0x5f/0x470 [ 2765.973375] ? __pfx___es_remove_extent+0x10/0x10 [ 2765.973400] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2765.973436] __es_insert_extent+0xed2/0x1370 [ 2765.973482] ext4_es_insert_extent+0x4d0/0x1100 [ 2765.973524] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2765.973552] ? lock_acquire+0x15e/0x2f0 [ 2765.973577] ? ext4_map_blocks+0x569/0x15a0 [ 2765.973622] ? down_write+0x119/0x1f0 [ 2765.973648] ? __pfx_down_write+0x10/0x10 [ 2765.973670] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2765.973710] ext4_map_blocks+0x815/0x15a0 [ 2765.973751] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2765.973777] ? lock_is_held_type+0x9e/0x120 [ 2765.973808] ? jbd2__journal_start+0xf6/0x6b0 [ 2765.973840] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2765.973878] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2765.973909] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2765.973942] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2765.973973] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2765.974019] ext4_dio_write_end_io+0x13a/0x710 [ 2765.974048] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2765.974081] iomap_dio_complete+0x14d/0x9e0 [ 2765.974124] iomap_dio_rw+0x73/0xa0 [ 2765.974158] ext4_file_write_iter+0xe0b/0x1990 [ 2765.974205] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2765.974233] ? __kasan_kmalloc+0x7f/0x90 [ 2765.974255] ? trace_kmalloc+0x1f/0xb0 [ 2765.974276] ? __kmalloc_noprof+0x215/0x4b0 [ 2765.974305] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2765.974343] iter_file_splice_write+0x927/0x10c0 [ 2765.974393] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2765.974456] ? lock_is_held_type+0x9e/0x120 [ 2765.974478] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2765.974509] direct_splice_actor+0x192/0x7b0 [ 2765.974541] splice_direct_to_actor+0x347/0x9d0 [ 2765.974571] ? __pfx_direct_splice_actor+0x10/0x10 [ 2765.974607] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2765.974638] ? lock_acquire+0x15e/0x2f0 [ 2765.974669] do_splice_direct+0x179/0x250 [ 2765.974696] ? __pfx_do_splice_direct+0x10/0x10 [ 2765.974724] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2765.974756] ? security_file_permission+0x22/0x90 [ 2765.974789] do_sendfile+0xa8e/0xdc0 [ 2765.974830] ? __pfx_do_sendfile+0x10/0x10 [ 2765.974861] ? __fget_files+0x20d/0x3b0 [ 2765.974907] __x64_sys_sendfile64+0x1d3/0x210 [ 2765.974931] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2765.974969] do_syscall_64+0xbf/0x360 [ 2765.974997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2765.975021] RIP: 0033:0x7fe5d2196b19 [ 2765.975041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2765.975063] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2765.975086] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2765.975101] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2765.975115] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2765.975129] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2765.975142] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2765.975180] [ 2766.095196] FAULT_INJECTION: forcing a failure. [ 2766.095196] name failslab, interval 1, probability 0, space 0, times 0 [ 2766.096191] CPU: 1 UID: 0 PID: 16382 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2766.096209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2766.096217] Call Trace: [ 2766.096222] [ 2766.096227] dump_stack_lvl+0xfa/0x120 [ 2766.096249] should_fail_ex+0x4d7/0x5e0 [ 2766.096274] ? ext4_init_io_end+0x27/0x180 [ 2766.096289] should_failslab+0xc2/0x120 [ 2766.096310] kmem_cache_alloc_noprof+0x5f/0x470 [ 2766.096329] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2766.096347] ext4_init_io_end+0x27/0x180 [ 2766.096361] ext4_do_writepages+0xaa4/0x3230 [ 2766.096399] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2766.096424] ? lock_is_held_type+0x9e/0x120 [ 2766.096441] ext4_writepages+0x369/0x7a0 [ 2766.096459] ? __pfx_ext4_writepages+0x10/0x10 [ 2766.096476] ? __pfx_perf_trace_lock+0x10/0x10 [ 2766.096501] ? lock_release+0xc8/0x290 [ 2766.096515] ? do_raw_spin_unlock+0x53/0x220 [ 2766.096532] ? __pfx_ext4_writepages+0x10/0x10 [ 2766.096550] do_writepages+0x244/0x5c0 [ 2766.096569] filemap_fdatawrite_wbc+0x10b/0x150 [ 2766.096583] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 2766.096605] __filemap_fdatawrite_range+0xb9/0x100 [ 2766.096623] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2766.096641] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2766.096687] ? jbd2_journal_stop+0x184/0xe20 [ 2766.096704] ? __pfx_ext4_orphan_del+0x10/0x10 [ 2766.096727] file_write_and_wait_range+0xcc/0x140 [ 2766.096747] ext4_sync_file+0x2eb/0xe30 [ 2766.096765] ? __pfx_ext4_sync_file+0x10/0x10 [ 2766.096784] vfs_fsync_range+0x13d/0x230 [ 2766.096804] iomap_dio_complete+0x6b8/0x9e0 [ 2766.096827] iomap_dio_rw+0x73/0xa0 [ 2766.096845] ext4_file_write_iter+0xe0b/0x1990 [ 2766.096875] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2766.096891] ? __kasan_kmalloc+0x7f/0x90 [ 2766.096903] ? trace_kmalloc+0x1f/0xb0 [ 2766.096914] ? __kmalloc_noprof+0x215/0x4b0 [ 2766.096931] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2766.096950] iter_file_splice_write+0x927/0x10c0 [ 2766.096977] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2766.097011] ? lock_is_held_type+0x9e/0x120 [ 2766.097023] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2766.097039] direct_splice_actor+0x192/0x7b0 [ 2766.097057] splice_direct_to_actor+0x347/0x9d0 [ 2766.097073] ? __pfx_direct_splice_actor+0x10/0x10 [ 2766.097092] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2766.097109] ? lock_acquire+0x15e/0x2f0 [ 2766.097126] do_splice_direct+0x179/0x250 [ 2766.097140] ? __pfx_do_splice_direct+0x10/0x10 [ 2766.097155] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2766.097172] ? security_file_permission+0x22/0x90 [ 2766.097190] do_sendfile+0xa8e/0xdc0 [ 2766.097221] ? __pfx_do_sendfile+0x10/0x10 [ 2766.097238] ? __fget_files+0x20d/0x3b0 [ 2766.097263] __x64_sys_sendfile64+0x1d3/0x210 [ 2766.097276] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2766.097296] do_syscall_64+0xbf/0x360 [ 2766.097312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2766.097326] RIP: 0033:0x7f7b6ab9db19 [ 2766.097336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2766.097348] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2766.097361] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2766.097369] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2766.097377] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2766.097384] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2766.097392] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2766.097412] [ 2766.126966] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:18 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {0x0, 0x0, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:32:18 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) (fail_nth: 4) 09:32:18 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3, 0x1) [ 2766.219251] loop2: detected capacity change from 0 to 288 09:32:18 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x147, 0x6b, 0x5, 0x800}, {0x4, 0x3f, 0x33, 0x400}, {0xb53, 0x1, 0x6, 0x8c}]}, 0x10) r1 = openat$incfs(r0, &(0x7f0000000080)='.pending_reads\x00', 0x24000, 0x1) sendmsg$NFNL_MSG_CTHELPER_NEW(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x100, 0x0, 0x9, 0x5, 0x0, 0x0, {0x5, 0x0, 0x5}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x7fff}, @NFCTH_TUPLE={0xbc, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x3b}}, {0x8, 0x2, @broadcast}}}]}, @NFCTH_TUPLE={0x20, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x11}}, {0x8, 0x2, @loopback}}}]}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x6}]}, 0x100}}, 0x4000841) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$PIO_UNIMAP(r2, 0x4b67, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{}, {}]}) ftruncate(r0, 0x0) [ 2766.258599] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2766.261376] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2766.262764] FAT-fs (loop2): Filesystem has been set read-only [ 2766.276268] loop0: detected capacity change from 0 to 256 [ 2766.285857] FAULT_INJECTION: forcing a failure. [ 2766.285857] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2766.287799] CPU: 0 UID: 0 PID: 16392 Comm: syz-executor.6 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2766.287848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2766.287876] Call Trace: [ 2766.287889] [ 2766.287903] dump_stack_lvl+0xfa/0x120 [ 2766.287936] should_fail_ex+0x4d7/0x5e0 [ 2766.287980] _copy_to_user+0x32/0xd0 [ 2766.288012] simple_read_from_buffer+0xe0/0x180 [ 2766.288046] proc_fail_nth_read+0x189/0x270 [ 2766.288082] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2766.288117] ? security_file_permission+0x22/0x90 [ 2766.288144] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2766.288177] vfs_read+0x1eb/0xbe0 [ 2766.288217] ? __pfx_vfs_read+0x10/0x10 [ 2766.288251] ? lock_release+0xc8/0x290 [ 2766.288282] ? __fget_files+0x20d/0x3b0 [ 2766.288328] ksys_read+0x121/0x240 [ 2766.288359] ? __pfx_ksys_read+0x10/0x10 [ 2766.288405] do_syscall_64+0xbf/0x360 [ 2766.288433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2766.288457] RIP: 0033:0x7f8322c2269c [ 2766.288476] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2766.288498] RSP: 002b:00007f83201e5170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2766.288521] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f8322c2269c [ 2766.288536] RDX: 000000000000000f RSI: 00007f83201e51e0 RDI: 0000000000000003 [ 2766.288550] RBP: 00007f83201e51d0 R08: 0000000000000000 R09: 0000000000000000 [ 2766.288564] R10: 000000000000070d R11: 0000000000000246 R12: 0000000000000001 [ 2766.288578] R13: 00007ffd0a5a2cbf R14: 00007f83201e5300 R15: 0000000000022000 [ 2766.288615] [ 2766.323305] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:18 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {0x0, 0x0, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:32:18 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 41) 09:32:18 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x70000) 09:32:18 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) [ 2766.448324] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:18 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 37) 09:32:18 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x4, 0x1) [ 2766.499659] loop6: detected capacity change from 0 to 256 [ 2766.510452] loop2: detected capacity change from 0 to 288 [ 2766.512086] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2766.544890] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2766.552816] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2766.569954] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2766.571468] FAT-fs (loop2): Filesystem has been set read-only [ 2766.625805] loop0: detected capacity change from 0 to 256 [ 2766.636943] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2766.692112] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:30 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:32:30 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 41) 09:32:30 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7f000) 09:32:30 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 42) 09:32:30 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {0x0, 0x0, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:32:30 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x5, 0x1) 09:32:30 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 38) 09:32:30 executing program 1: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x143180, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) [ 2778.125833] loop2: detected capacity change from 0 to 288 [ 2778.128276] loop6: detected capacity change from 0 to 256 [ 2778.141464] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2778.143497] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2778.148023] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2778.148820] FAT-fs (loop2): Filesystem has been set read-only [ 2778.203290] loop0: detected capacity change from 0 to 256 [ 2778.218525] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2778.236192] FAULT_INJECTION: forcing a failure. [ 2778.236192] name failslab, interval 1, probability 0, space 0, times 0 [ 2778.238363] CPU: 1 UID: 0 PID: 16432 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2778.238404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2778.238417] Call Trace: [ 2778.238426] [ 2778.238435] dump_stack_lvl+0xfa/0x120 [ 2778.238468] should_fail_ex+0x4d7/0x5e0 [ 2778.238509] ? jbd2__journal_start+0x193/0x6b0 [ 2778.238533] should_failslab+0xc2/0x120 [ 2778.238570] kmem_cache_alloc_noprof+0x5f/0x470 [ 2778.238600] ? lock_is_held_type+0x9e/0x120 [ 2778.238632] jbd2__journal_start+0x193/0x6b0 [ 2778.238662] __ext4_journal_start_sb+0x325/0x5d0 [ 2778.238696] ? ext4_dio_write_end_io+0x2ba/0x710 [ 2778.238724] ? lock_is_held_type+0x9e/0x120 [ 2778.238749] ext4_dio_write_end_io+0x2ba/0x710 [ 2778.238779] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2778.238812] iomap_dio_complete+0x14d/0x9e0 [ 2778.238853] iomap_dio_rw+0x73/0xa0 [ 2778.238895] ext4_file_write_iter+0xe0b/0x1990 [ 2778.238942] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2778.238970] ? __kasan_kmalloc+0x7f/0x90 [ 2778.238992] ? trace_kmalloc+0x1f/0xb0 [ 2778.239013] ? __kmalloc_noprof+0x215/0x4b0 [ 2778.239042] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2778.239079] iter_file_splice_write+0x927/0x10c0 [ 2778.239128] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2778.239190] ? lock_is_held_type+0x9e/0x120 [ 2778.239212] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2778.239242] direct_splice_actor+0x192/0x7b0 [ 2778.239275] splice_direct_to_actor+0x347/0x9d0 [ 2778.239304] ? __pfx_direct_splice_actor+0x10/0x10 [ 2778.239340] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2778.239371] ? lock_acquire+0x15e/0x2f0 [ 2778.239402] do_splice_direct+0x179/0x250 [ 2778.239429] ? __pfx_do_splice_direct+0x10/0x10 [ 2778.239457] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2778.239488] ? security_file_permission+0x22/0x90 [ 2778.239520] do_sendfile+0xa8e/0xdc0 [ 2778.239560] ? __pfx_do_sendfile+0x10/0x10 [ 2778.239591] ? __fget_files+0x20d/0x3b0 [ 2778.239636] __x64_sys_sendfile64+0x1d3/0x210 [ 2778.239660] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2778.239697] do_syscall_64+0xbf/0x360 [ 2778.239725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2778.239749] RIP: 0033:0x7fe5d2196b19 [ 2778.239767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2778.239790] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2778.239812] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2778.239828] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2778.239842] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2778.239856] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2778.239870] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2778.239907] [ 2778.283037] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2778.320008] FAULT_INJECTION: forcing a failure. [ 2778.320008] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2778.322464] CPU: 1 UID: 0 PID: 16430 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2778.322498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2778.322513] Call Trace: [ 2778.322522] [ 2778.322533] dump_stack_lvl+0xfa/0x120 [ 2778.322567] should_fail_ex+0x4d7/0x5e0 [ 2778.322613] should_fail_alloc_page+0xe0/0x110 [ 2778.322657] prepare_alloc_pages+0x1af/0x500 [ 2778.322684] ? __pfx_perf_trace_lock+0x10/0x10 [ 2778.322719] alloc_pages_bulk_noprof+0x130/0xf20 [ 2778.322756] ? find_held_lock+0x2b/0x80 [ 2778.322796] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2778.322827] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 2778.322878] ? __kasan_kmalloc+0x7f/0x90 [ 2778.322903] ? trace_kmalloc+0x1f/0xb0 [ 2778.322925] ? __kmalloc_noprof+0x215/0x4b0 [ 2778.322967] copy_splice_read+0x192/0xb70 [ 2778.323007] ? __pfx_copy_splice_read+0x10/0x10 [ 2778.323034] ? __pfx_perf_trace_lock+0x10/0x10 [ 2778.323076] ? find_held_lock+0x2b/0x80 [ 2778.323108] ? splice_direct_to_actor+0x347/0x9d0 [ 2778.323139] ? __pfx_copy_splice_read+0x10/0x10 [ 2778.323170] do_splice_read+0x1f8/0x2a0 [ 2778.323202] splice_direct_to_actor+0x2a8/0x9d0 [ 2778.323234] ? __pfx_direct_splice_actor+0x10/0x10 [ 2778.323272] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2778.323305] ? lock_acquire+0x15e/0x2f0 [ 2778.323337] do_splice_direct+0x179/0x250 [ 2778.323366] ? __pfx_do_splice_direct+0x10/0x10 [ 2778.323396] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2778.323430] ? security_file_permission+0x22/0x90 [ 2778.323465] do_sendfile+0xa8e/0xdc0 [ 2778.323507] ? __pfx_do_sendfile+0x10/0x10 [ 2778.323541] ? __fget_files+0x20d/0x3b0 [ 2778.323588] __x64_sys_sendfile64+0x1d3/0x210 [ 2778.323614] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2778.323653] do_syscall_64+0xbf/0x360 [ 2778.323684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2778.323709] RIP: 0033:0x7f85c6477b19 [ 2778.323729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2778.323753] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2778.323777] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2778.323794] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2778.323808] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2778.323823] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2778.323838] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2778.323877] [ 2778.420248] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:41 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 43) 09:32:41 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 42) 09:32:41 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400), 0x0, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:32:41 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 39) 09:32:41 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3, 0x1) 09:32:41 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x3, 0x81, 0xe3, 0x6}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) renameat(r0, &(0x7f0000000100)='./file0\x00', r0, &(0x7f0000000080)='./file0\x00') ftruncate(r0, 0x0) 09:32:41 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x6, 0x1) 09:32:41 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80002) [ 2789.535402] loop0: detected capacity change from 0 to 256 [ 2789.537790] loop6: detected capacity change from 0 to 256 [ 2789.543327] loop2: detected capacity change from 0 to 288 [ 2789.552216] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2789.565935] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2789.575387] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2789.594246] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2789.594897] FAT-fs (loop2): Filesystem has been set read-only 09:32:42 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 40) [ 2789.639352] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x4, 0x1) [ 2789.666416] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:42 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x7, 0x1) 09:32:42 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400), 0x0, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:32:42 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 43) [ 2789.739810] FAULT_INJECTION: forcing a failure. [ 2789.739810] name failslab, interval 1, probability 0, space 0, times 0 [ 2789.740761] CPU: 0 UID: 0 PID: 16463 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2789.740778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2789.740786] Call Trace: [ 2789.740791] [ 2789.740797] dump_stack_lvl+0xfa/0x120 [ 2789.740818] should_fail_ex+0x4d7/0x5e0 [ 2789.740842] ? ext4_init_io_end+0x27/0x180 [ 2789.740856] should_failslab+0xc2/0x120 [ 2789.740881] kmem_cache_alloc_noprof+0x5f/0x470 [ 2789.740900] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2789.740918] ext4_init_io_end+0x27/0x180 [ 2789.740932] ext4_do_writepages+0xaa4/0x3230 [ 2789.740969] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2789.740995] ? lock_is_held_type+0x9e/0x120 [ 2789.741011] ext4_writepages+0x369/0x7a0 [ 2789.741030] ? __pfx_ext4_writepages+0x10/0x10 [ 2789.741047] ? __pfx_perf_trace_lock+0x10/0x10 [ 2789.741071] ? lock_release+0xc8/0x290 [ 2789.741086] ? do_raw_spin_unlock+0x53/0x220 [ 2789.741102] ? __pfx_ext4_writepages+0x10/0x10 [ 2789.741121] do_writepages+0x244/0x5c0 [ 2789.741140] filemap_fdatawrite_wbc+0x10b/0x150 [ 2789.741155] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 2789.741177] __filemap_fdatawrite_range+0xb9/0x100 [ 2789.741195] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2789.741213] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2789.741258] ? jbd2_journal_stop+0x184/0xe20 [ 2789.741275] ? __pfx_ext4_orphan_del+0x10/0x10 [ 2789.741298] file_write_and_wait_range+0xcc/0x140 [ 2789.741319] ext4_sync_file+0x2eb/0xe30 [ 2789.741337] ? __pfx_ext4_sync_file+0x10/0x10 [ 2789.741356] vfs_fsync_range+0x13d/0x230 [ 2789.741377] iomap_dio_complete+0x6b8/0x9e0 [ 2789.741399] iomap_dio_rw+0x73/0xa0 [ 2789.741417] ext4_file_write_iter+0xe0b/0x1990 [ 2789.741452] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2789.741467] ? __kasan_kmalloc+0x7f/0x90 [ 2789.741480] ? trace_kmalloc+0x1f/0xb0 [ 2789.741492] ? __kmalloc_noprof+0x215/0x4b0 [ 2789.741507] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2789.741527] iter_file_splice_write+0x927/0x10c0 [ 2789.741554] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2789.741588] ? lock_is_held_type+0x9e/0x120 [ 2789.741600] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2789.741617] direct_splice_actor+0x192/0x7b0 [ 2789.741634] splice_direct_to_actor+0x347/0x9d0 [ 2789.741651] ? __pfx_direct_splice_actor+0x10/0x10 [ 2789.741670] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2789.741687] ? lock_acquire+0x15e/0x2f0 [ 2789.741704] do_splice_direct+0x179/0x250 [ 2789.741718] ? __pfx_do_splice_direct+0x10/0x10 [ 2789.741733] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2789.741751] ? security_file_permission+0x22/0x90 [ 2789.741769] do_sendfile+0xa8e/0xdc0 [ 2789.741792] ? __pfx_do_sendfile+0x10/0x10 [ 2789.741809] ? __fget_files+0x20d/0x3b0 [ 2789.741834] __x64_sys_sendfile64+0x1d3/0x210 [ 2789.741847] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2789.741867] do_syscall_64+0xbf/0x360 [ 2789.741883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2789.741897] RIP: 0033:0x7fe5d2196b19 [ 2789.741908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2789.741921] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2789.741934] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2789.741942] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2789.741949] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2789.741956] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2789.741964] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2789.741984] [ 2789.769706] loop6: detected capacity change from 0 to 256 09:32:42 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 44) [ 2789.785616] loop2: detected capacity change from 0 to 288 [ 2789.797724] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:42 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80003) [ 2789.811152] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2789.814067] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2789.814951] FAT-fs (loop2): Filesystem has been set read-only [ 2789.842368] FAULT_INJECTION: forcing a failure. [ 2789.842368] name failslab, interval 1, probability 0, space 0, times 0 [ 2789.843328] CPU: 0 UID: 0 PID: 16472 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2789.843345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2789.843353] Call Trace: [ 2789.843358] [ 2789.843363] dump_stack_lvl+0xfa/0x120 [ 2789.843384] should_fail_ex+0x4d7/0x5e0 [ 2789.843409] ? copy_splice_read+0x15b/0xb70 [ 2789.843424] should_failslab+0xc2/0x120 [ 2789.843445] __kmalloc_noprof+0xb4/0x4b0 [ 2789.843467] copy_splice_read+0x15b/0xb70 [ 2789.843480] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2789.843500] ? __pfx_copy_splice_read+0x10/0x10 [ 2789.843513] ? __pfx_perf_trace_lock+0x10/0x10 [ 2789.843534] ? find_held_lock+0x2b/0x80 [ 2789.843552] ? splice_direct_to_actor+0x347/0x9d0 [ 2789.843567] ? __pfx_copy_splice_read+0x10/0x10 [ 2789.843582] do_splice_read+0x1f8/0x2a0 [ 2789.843598] splice_direct_to_actor+0x2a8/0x9d0 [ 2789.843614] ? __pfx_direct_splice_actor+0x10/0x10 [ 2789.843633] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2789.843650] ? lock_acquire+0x15e/0x2f0 [ 2789.843666] do_splice_direct+0x179/0x250 [ 2789.843680] ? __pfx_do_splice_direct+0x10/0x10 [ 2789.843695] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2789.843713] ? security_file_permission+0x22/0x90 [ 2789.843730] do_sendfile+0xa8e/0xdc0 [ 2789.843752] ? __pfx_do_sendfile+0x10/0x10 [ 2789.843772] ? perf_trace_preemptirq_template+0x259/0x430 [ 2789.843796] __x64_sys_sendfile64+0x1d3/0x210 [ 2789.843809] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2789.843829] do_syscall_64+0xbf/0x360 [ 2789.843844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2789.843858] RIP: 0033:0x7f85c6477b19 [ 2789.843872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2789.843885] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2789.843897] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2789.843906] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2789.843913] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2789.843921] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2789.843928] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2789.843948] 09:32:42 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400), 0x0, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2789.916217] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2789.918989] loop2: detected capacity change from 0 to 288 [ 2789.924344] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2789.930793] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2789.931448] FAT-fs (loop2): Filesystem has been set read-only 09:32:52 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 44) 09:32:52 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80004) 09:32:52 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0}) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r1, 0x2, r3, 0x0, 0x80000}) r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r4, 0x0) 09:32:52 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 45) 09:32:52 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x5, 0x1) 09:32:52 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x1) 09:32:52 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffff", 0x6, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:32:52 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 41) [ 2800.342370] loop0: detected capacity change from 0 to 256 [ 2800.353664] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2800.361472] FAULT_INJECTION: forcing a failure. [ 2800.361472] name failslab, interval 1, probability 0, space 0, times 0 [ 2800.362511] CPU: 0 UID: 0 PID: 16495 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2800.362528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2800.362536] Call Trace: [ 2800.362541] [ 2800.362546] dump_stack_lvl+0xfa/0x120 [ 2800.362567] should_fail_ex+0x4d7/0x5e0 [ 2800.362591] ? iter_file_splice_write+0x1cd/0x10c0 [ 2800.362606] should_failslab+0xc2/0x120 [ 2800.362627] __kmalloc_noprof+0xb4/0x4b0 [ 2800.362650] iter_file_splice_write+0x1cd/0x10c0 [ 2800.362668] ? kfree+0x281/0x470 [ 2800.362681] ? copy_splice_read+0x83d/0xb70 [ 2800.362700] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2800.362716] ? __lock_acquire+0xc65/0x1b70 [ 2800.362746] ? lock_is_held_type+0x9e/0x120 [ 2800.362758] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2800.362775] direct_splice_actor+0x192/0x7b0 [ 2800.362793] splice_direct_to_actor+0x347/0x9d0 [ 2800.362808] ? __pfx_direct_splice_actor+0x10/0x10 [ 2800.362828] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2800.362844] ? lock_acquire+0x15e/0x2f0 [ 2800.362861] do_splice_direct+0x179/0x250 [ 2800.362879] ? __pfx_do_splice_direct+0x10/0x10 [ 2800.362894] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2800.362912] ? security_file_permission+0x22/0x90 [ 2800.362930] do_sendfile+0xa8e/0xdc0 [ 2800.362953] ? __pfx_do_sendfile+0x10/0x10 [ 2800.362972] ? perf_trace_preemptirq_template+0x259/0x430 [ 2800.362997] __x64_sys_sendfile64+0x1d3/0x210 [ 2800.363010] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2800.363029] do_syscall_64+0xbf/0x360 [ 2800.363045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2800.363059] RIP: 0033:0x7f85c6477b19 [ 2800.363069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2800.363082] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2800.363095] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2800.363103] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2800.363110] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2800.363117] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2800.363125] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2800.363144] [ 2800.369992] loop6: detected capacity change from 0 to 256 [ 2800.410374] loop2: detected capacity change from 0 to 288 09:32:52 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x9, 0x1) [ 2800.434177] FAULT_INJECTION: forcing a failure. [ 2800.434177] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2800.434215] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2800.435989] CPU: 1 UID: 0 PID: 16498 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2800.436020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2800.436034] Call Trace: [ 2800.436044] [ 2800.436054] dump_stack_lvl+0xfa/0x120 [ 2800.436088] should_fail_ex+0x4d7/0x5e0 [ 2800.436132] should_fail_alloc_page+0xe0/0x110 [ 2800.436171] prepare_alloc_pages+0x1af/0x500 [ 2800.436197] ? __pfx_perf_trace_lock+0x10/0x10 [ 2800.436230] alloc_pages_bulk_noprof+0x130/0xf20 [ 2800.436265] ? find_held_lock+0x2b/0x80 [ 2800.436304] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2800.436332] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 2800.436373] ? __kasan_kmalloc+0x7f/0x90 [ 2800.436396] ? trace_kmalloc+0x1f/0xb0 [ 2800.436417] ? __kmalloc_noprof+0x215/0x4b0 [ 2800.436456] copy_splice_read+0x192/0xb70 [ 2800.436493] ? __pfx_copy_splice_read+0x10/0x10 [ 2800.436519] ? __pfx_perf_trace_lock+0x10/0x10 [ 2800.436556] ? find_held_lock+0x2b/0x80 [ 2800.436586] ? splice_direct_to_actor+0x347/0x9d0 [ 2800.436615] ? __pfx_copy_splice_read+0x10/0x10 [ 2800.436644] do_splice_read+0x1f8/0x2a0 [ 2800.436674] splice_direct_to_actor+0x2a8/0x9d0 [ 2800.436703] ? __pfx_direct_splice_actor+0x10/0x10 [ 2800.436739] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2800.436770] ? lock_acquire+0x15e/0x2f0 [ 2800.436799] do_splice_direct+0x179/0x250 [ 2800.436826] ? __pfx_do_splice_direct+0x10/0x10 [ 2800.436854] ? __pfx_direct_file_splice_eof+0x10/0x10 09:32:52 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 46) [ 2800.436893] ? security_file_permission+0x22/0x90 [ 2800.436926] do_sendfile+0xa8e/0xdc0 [ 2800.436966] ? __pfx_do_sendfile+0x10/0x10 [ 2800.436997] ? __fget_files+0x20d/0x3b0 [ 2800.437041] __x64_sys_sendfile64+0x1d3/0x210 [ 2800.437065] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2800.437101] do_syscall_64+0xbf/0x360 [ 2800.437129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2800.437154] RIP: 0033:0x7f7b6ab9db19 [ 2800.437172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2800.437193] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2800.437216] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2800.437231] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2800.437245] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2800.437259] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2800.437272] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2800.437309] [ 2800.441838] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2800.482411] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2800.501222] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2800.502454] FAT-fs (loop2): Filesystem has been set read-only [ 2800.573346] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x6, 0x1) 09:32:53 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80005) 09:32:53 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 45) [ 2800.611513] loop0: detected capacity change from 0 to 256 [ 2800.633750] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:53 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) sync_file_range(r1, 0x7ff, 0x29, 0x1) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000002700)=[r1, r2], 0x2) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = getpgid(0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000002780)) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r5, r6, 0x0, 0x80000) r7 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r7, &(0x7f00000000c0)=[{&(0x7f0000002580)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000002680)=[{&(0x7f0000000180)=""/218, 0xda}, {&(0x7f0000000280)=""/240, 0xf0}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/227, 0xe3}, {&(0x7f0000000080)=""/12, 0xc}, {&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002640)=""/21, 0x15}], 0x7, &(0x7f0000002500)=ANY=[@ANYBLOB="30000000000000000100000001000000", @ANYRESHEX=r1, @ANYRES32, @ANYRES32, @ANYRES16=r7, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c41d4a80cf036757580000003000000", @ANYRES32=0x0, @ANYRES32=r5, @ANYRES32=0x0, @ANYBLOB], 0x50}, 0x140) ptrace$peek(0xffffffffffffffff, r8, &(0x7f0000002600)) r9 = fork() kcmp(r9, r4, 0x0, r3, r3) mq_notify(r1, &(0x7f0000000000)={0x0, 0xb, 0x5, @tid=r4}) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000025c0)) 09:32:53 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 47) 09:32:53 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffff", 0x6, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2800.701614] loop6: detected capacity change from 0 to 256 [ 2800.724678] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2800.739794] FAULT_INJECTION: forcing a failure. [ 2800.739794] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2800.741132] CPU: 0 UID: 0 PID: 16517 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2800.741149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2800.741157] Call Trace: [ 2800.741162] [ 2800.741168] dump_stack_lvl+0xfa/0x120 [ 2800.741190] should_fail_ex+0x4d7/0x5e0 [ 2800.741216] should_fail_alloc_page+0xe0/0x110 [ 2800.741238] prepare_alloc_pages+0x1af/0x500 [ 2800.741252] ? __pfx_perf_trace_lock+0x10/0x10 [ 2800.741271] alloc_pages_bulk_noprof+0x130/0xf20 [ 2800.741289] ? find_held_lock+0x2b/0x80 [ 2800.741310] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2800.741326] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 2800.741348] ? __kasan_kmalloc+0x7f/0x90 [ 2800.741360] ? trace_kmalloc+0x1f/0xb0 [ 2800.741372] ? __kmalloc_noprof+0x215/0x4b0 [ 2800.741393] copy_splice_read+0x192/0xb70 [ 2800.741414] ? __pfx_copy_splice_read+0x10/0x10 [ 2800.741427] ? __pfx_perf_trace_lock+0x10/0x10 [ 2800.741447] ? find_held_lock+0x2b/0x80 [ 2800.741463] ? splice_direct_to_actor+0x347/0x9d0 [ 2800.741479] ? __pfx_copy_splice_read+0x10/0x10 [ 2800.741494] do_splice_read+0x1f8/0x2a0 [ 2800.741510] splice_direct_to_actor+0x2a8/0x9d0 [ 2800.741526] ? __pfx_direct_splice_actor+0x10/0x10 [ 2800.741545] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2800.741574] ? lock_acquire+0x15e/0x2f0 [ 2800.741590] do_splice_direct+0x179/0x250 [ 2800.741604] ? __pfx_do_splice_direct+0x10/0x10 [ 2800.741619] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2800.741640] ? security_file_permission+0x22/0x90 [ 2800.741658] do_sendfile+0xa8e/0xdc0 [ 2800.741680] ? __pfx_do_sendfile+0x10/0x10 [ 2800.741698] ? perf_trace_preemptirq_template+0x259/0x430 [ 2800.741721] __x64_sys_sendfile64+0x1d3/0x210 [ 2800.741734] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2800.741753] do_syscall_64+0xbf/0x360 [ 2800.741769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2800.741782] RIP: 0033:0x7f7b6ab9db19 [ 2800.741793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2800.741804] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2800.741817] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2800.741825] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2800.741832] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2800.741840] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2800.741847] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2800.741870] 09:32:53 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 42) [ 2800.818837] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2800.828224] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:32:53 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xd, 0x1) 09:32:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x7, 0x1) [ 2800.846122] loop2: detected capacity change from 0 to 288 09:32:53 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80006) [ 2800.892741] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2800.900852] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2800.902241] FAT-fs (loop2): Filesystem has been set read-only [ 2800.926590] FAULT_INJECTION: forcing a failure. [ 2800.926590] name failslab, interval 1, probability 0, space 0, times 0 [ 2800.927688] CPU: 0 UID: 0 PID: 16526 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2800.927705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2800.927714] Call Trace: [ 2800.927719] [ 2800.927725] dump_stack_lvl+0xfa/0x120 [ 2800.927746] should_fail_ex+0x4d7/0x5e0 [ 2800.927770] ? jbd2__journal_start+0x193/0x6b0 [ 2800.927784] should_failslab+0xc2/0x120 [ 2800.927805] kmem_cache_alloc_noprof+0x5f/0x470 [ 2800.927823] ? lock_is_held_type+0x9e/0x120 [ 2800.927840] jbd2__journal_start+0x193/0x6b0 [ 2800.927857] __ext4_journal_start_sb+0x325/0x5d0 [ 2800.927880] ? ext4_dirty_inode+0xa5/0x130 [ 2800.927902] ext4_dirty_inode+0xa5/0x130 [ 2800.927921] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 2800.927939] __mark_inode_dirty+0x1b7/0xd00 [ 2800.927963] generic_update_time+0xcb/0xf0 [ 2800.927984] file_modified+0x1f0/0x230 [ 2800.927998] ext4_file_write_iter+0xca3/0x1990 [ 2800.928023] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2800.928040] ? __kasan_kmalloc+0x7f/0x90 [ 2800.928055] ? trace_kmalloc+0x1f/0xb0 [ 2800.928066] ? __kmalloc_noprof+0x215/0x4b0 [ 2800.928082] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2800.928102] iter_file_splice_write+0x927/0x10c0 [ 2800.928129] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2800.928163] ? lock_is_held_type+0x9e/0x120 [ 2800.928174] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2800.928191] direct_splice_actor+0x192/0x7b0 [ 2800.928209] splice_direct_to_actor+0x347/0x9d0 [ 2800.928225] ? __pfx_direct_splice_actor+0x10/0x10 [ 2800.928244] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2800.928261] ? lock_acquire+0x15e/0x2f0 [ 2800.928279] do_splice_direct+0x179/0x250 [ 2800.928293] ? __pfx_do_splice_direct+0x10/0x10 [ 2800.928308] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2800.928326] ? security_file_permission+0x22/0x90 [ 2800.928344] do_sendfile+0xa8e/0xdc0 [ 2800.928366] ? __pfx_do_sendfile+0x10/0x10 [ 2800.928385] ? perf_trace_preemptirq_template+0x259/0x430 [ 2800.928410] __x64_sys_sendfile64+0x1d3/0x210 [ 2800.928423] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2800.928444] do_syscall_64+0xbf/0x360 [ 2800.928459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2800.928473] RIP: 0033:0x7f85c6477b19 [ 2800.928484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2800.928496] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2800.928508] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2800.928517] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2800.928524] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2800.928532] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2800.928539] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2800.928560] [ 2800.964729] loop0: detected capacity change from 0 to 256 [ 2800.981288] loop6: detected capacity change from 0 to 256 [ 2800.991508] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2801.007280] FAULT_INJECTION: forcing a failure. [ 2801.007280] name failslab, interval 1, probability 0, space 0, times 0 [ 2801.009242] CPU: 1 UID: 0 PID: 16531 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2801.009274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2801.009289] Call Trace: [ 2801.009298] [ 2801.009308] dump_stack_lvl+0xfa/0x120 [ 2801.009342] should_fail_ex+0x4d7/0x5e0 [ 2801.009384] ? copy_splice_read+0x15b/0xb70 [ 2801.009410] should_failslab+0xc2/0x120 [ 2801.009447] __kmalloc_noprof+0xb4/0x4b0 [ 2801.009489] copy_splice_read+0x15b/0xb70 [ 2801.009513] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2801.009551] ? __pfx_copy_splice_read+0x10/0x10 [ 2801.009590] ? __pfx_perf_trace_lock+0x10/0x10 [ 2801.009628] ? find_held_lock+0x2b/0x80 [ 2801.009660] ? splice_direct_to_actor+0x347/0x9d0 [ 2801.009689] ? __pfx_copy_splice_read+0x10/0x10 [ 2801.009717] do_splice_read+0x1f8/0x2a0 [ 2801.009747] splice_direct_to_actor+0x2a8/0x9d0 [ 2801.009776] ? __pfx_direct_splice_actor+0x10/0x10 [ 2801.009811] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2801.009842] ? lock_acquire+0x15e/0x2f0 [ 2801.009878] do_splice_direct+0x179/0x250 [ 2801.009905] ? __pfx_do_splice_direct+0x10/0x10 [ 2801.009933] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2801.009965] ? security_file_permission+0x22/0x90 [ 2801.009997] do_sendfile+0xa8e/0xdc0 [ 2801.010037] ? __pfx_do_sendfile+0x10/0x10 [ 2801.010068] ? __fget_files+0x20d/0x3b0 [ 2801.010112] __x64_sys_sendfile64+0x1d3/0x210 [ 2801.010136] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2801.010172] do_syscall_64+0xbf/0x360 [ 2801.010201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2801.010225] RIP: 0033:0x7fe5d2196b19 [ 2801.010243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2801.010265] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2801.010288] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2801.010304] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2801.010318] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2801.010332] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2801.010346] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2801.010382] [ 2801.044102] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2801.074969] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:03 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffff", 0x6, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:33:03 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 46) 09:33:03 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) readahead(r0, 0x4, 0x3) 09:33:03 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80008) 09:33:03 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 48) 09:33:03 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x10, 0x1) 09:33:03 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 43) 09:33:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x1) [ 2811.534027] loop0: detected capacity change from 0 to 256 [ 2811.550077] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2811.572827] loop6: detected capacity change from 0 to 256 09:33:04 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) r3 = dup3(r2, r2, 0x0) ioctl$CDROM_CLEAR_OPTIONS(r3, 0x5321, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000140)={0x2, &(0x7f0000000100)=[{0x5, 0x40, 0x9, 0x200}, {0x8, 0x4, 0x20}]}) ioctl$VFAT_IOCTL_READDIR_SHORT(r1, 0x82307202, &(0x7f0000000180)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ftruncate(r0, 0x0) r4 = accept4(r0, &(0x7f0000000700)=@ax25={{0x3, @bcast}, [@default, @netrom, @default, @default, @null, @netrom, @netrom, @default]}, &(0x7f00000006c0)=0x80, 0xc00) ioctl$BTRFS_IOC_START_SYNC(r4, 0x80089418, &(0x7f0000000080)) [ 2811.609497] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2811.630671] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2811.640521] loop2: detected capacity change from 0 to 288 09:33:04 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x21, 0x1) [ 2811.666233] FAULT_INJECTION: forcing a failure. [ 2811.666233] name failslab, interval 1, probability 0, space 0, times 0 [ 2811.668105] CPU: 1 UID: 0 PID: 16563 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2811.668139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2811.668154] Call Trace: [ 2811.668163] [ 2811.668176] dump_stack_lvl+0xfa/0x120 [ 2811.668210] should_fail_ex+0x4d7/0x5e0 [ 2811.668255] ? jbd2__journal_start+0x193/0x6b0 [ 2811.668281] should_failslab+0xc2/0x120 [ 2811.668321] kmem_cache_alloc_noprof+0x5f/0x470 [ 2811.668354] ? lock_is_held_type+0x9e/0x120 [ 2811.668388] jbd2__journal_start+0x193/0x6b0 [ 2811.668421] __ext4_journal_start_sb+0x325/0x5d0 [ 2811.668456] ? ext4_dirty_inode+0xa5/0x130 [ 2811.668500] ext4_dirty_inode+0xa5/0x130 [ 2811.668538] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 2811.668573] __mark_inode_dirty+0x1b7/0xd00 [ 2811.668618] generic_update_time+0xcb/0xf0 [ 2811.668658] file_modified+0x1f0/0x230 [ 2811.668684] ext4_file_write_iter+0xca3/0x1990 [ 2811.668735] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2811.668765] ? __kasan_kmalloc+0x7f/0x90 [ 2811.668790] ? trace_kmalloc+0x1f/0xb0 [ 2811.668811] ? __kmalloc_noprof+0x215/0x4b0 [ 2811.668845] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2811.668913] iter_file_splice_write+0x927/0x10c0 [ 2811.668967] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2811.669035] ? lock_is_held_type+0x9e/0x120 [ 2811.669058] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2811.669092] direct_splice_actor+0x192/0x7b0 [ 2811.669126] splice_direct_to_actor+0x347/0x9d0 [ 2811.669158] ? __pfx_direct_splice_actor+0x10/0x10 [ 2811.669197] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2811.669230] ? lock_acquire+0x15e/0x2f0 [ 2811.669264] do_splice_direct+0x179/0x250 [ 2811.669293] ? __pfx_do_splice_direct+0x10/0x10 [ 2811.669323] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2811.669357] ? security_file_permission+0x22/0x90 [ 2811.669392] do_sendfile+0xa8e/0xdc0 [ 2811.669435] ? __pfx_do_sendfile+0x10/0x10 [ 2811.669469] ? __fget_files+0x20d/0x3b0 [ 2811.669516] __x64_sys_sendfile64+0x1d3/0x210 [ 2811.669542] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2811.669582] do_syscall_64+0xbf/0x360 [ 2811.669614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2811.669640] RIP: 0033:0x7f85c6477b19 [ 2811.669660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2811.669706] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2811.669730] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2811.669747] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2811.669762] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2811.669777] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2811.669792] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2811.669832] [ 2811.672035] loop0: detected capacity change from 0 to 256 [ 2811.684477] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2811.702712] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2811.721963] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 2811.722792] FAT-fs (loop2): Filesystem has been set read-only [ 2811.756060] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:04 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x9, 0x1) 09:33:04 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 44) 09:33:04 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 47) 09:33:04 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x22, 0x1) [ 2811.908425] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2811.910784] FAULT_INJECTION: forcing a failure. [ 2811.910784] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2811.911934] CPU: 0 UID: 0 PID: 16574 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2811.911952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2811.911960] Call Trace: [ 2811.911965] [ 2811.911970] dump_stack_lvl+0xfa/0x120 [ 2811.911991] should_fail_ex+0x4d7/0x5e0 [ 2811.912015] should_fail_alloc_page+0xe0/0x110 [ 2811.912037] prepare_alloc_pages+0x1af/0x500 [ 2811.912052] ? __pfx_perf_trace_lock+0x10/0x10 [ 2811.912070] alloc_pages_bulk_noprof+0x130/0xf20 [ 2811.912089] ? find_held_lock+0x2b/0x80 [ 2811.912110] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2811.912125] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 2811.912148] ? __kasan_kmalloc+0x7f/0x90 [ 2811.912161] ? trace_kmalloc+0x1f/0xb0 [ 2811.912172] ? __kmalloc_noprof+0x215/0x4b0 [ 2811.912196] copy_splice_read+0x192/0xb70 [ 2811.912219] ? __pfx_copy_splice_read+0x10/0x10 [ 2811.912233] ? __pfx_perf_trace_lock+0x10/0x10 [ 2811.912253] ? find_held_lock+0x2b/0x80 [ 2811.912269] ? splice_direct_to_actor+0x347/0x9d0 [ 2811.912285] ? __pfx_copy_splice_read+0x10/0x10 [ 2811.912300] do_splice_read+0x1f8/0x2a0 [ 2811.912315] splice_direct_to_actor+0x2a8/0x9d0 [ 2811.912332] ? __pfx_direct_splice_actor+0x10/0x10 [ 2811.912350] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2811.912367] ? lock_acquire+0x15e/0x2f0 [ 2811.912382] do_splice_direct+0x179/0x250 [ 2811.912397] ? __pfx_do_splice_direct+0x10/0x10 [ 2811.912412] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2811.912428] ? security_file_permission+0x22/0x90 [ 2811.912446] do_sendfile+0xa8e/0xdc0 [ 2811.912468] ? __pfx_do_sendfile+0x10/0x10 [ 2811.912485] ? __fget_files+0x20d/0x3b0 [ 2811.912509] __x64_sys_sendfile64+0x1d3/0x210 [ 2811.912522] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2811.912541] do_syscall_64+0xbf/0x360 [ 2811.912557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2811.912570] RIP: 0033:0x7fe5d2196b19 [ 2811.912580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2811.912592] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2811.912604] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2811.912612] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2811.912620] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2811.912627] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2811.912635] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2811.912655] 09:33:04 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fff", 0x9, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:33:04 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80009) 09:33:04 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 49) 09:33:04 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xd, 0x1) 09:33:04 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 45) [ 2812.009541] loop2: detected capacity change from 0 to 288 [ 2812.021207] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2812.026087] FAT-fs (loop2): error, invalid access to FAT (entry 0x000000ff) [ 2812.026667] FAT-fs (loop2): Filesystem has been set read-only [ 2812.044253] FAULT_INJECTION: forcing a failure. [ 2812.044253] name failslab, interval 1, probability 0, space 0, times 0 [ 2812.045318] CPU: 0 UID: 0 PID: 16581 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2812.045335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2812.045343] Call Trace: [ 2812.045348] [ 2812.045353] dump_stack_lvl+0xfa/0x120 [ 2812.045373] should_fail_ex+0x4d7/0x5e0 [ 2812.045397] ? iter_file_splice_write+0x1cd/0x10c0 [ 2812.045412] should_failslab+0xc2/0x120 [ 2812.045433] __kmalloc_noprof+0xb4/0x4b0 [ 2812.045455] iter_file_splice_write+0x1cd/0x10c0 [ 2812.045473] ? kfree+0x281/0x470 [ 2812.045487] ? copy_splice_read+0x83d/0xb70 [ 2812.045506] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2812.045522] ? __lock_acquire+0xc65/0x1b70 [ 2812.045552] ? lock_is_held_type+0x9e/0x120 [ 2812.045565] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2812.045581] direct_splice_actor+0x192/0x7b0 [ 2812.045598] splice_direct_to_actor+0x347/0x9d0 [ 2812.045614] ? __pfx_direct_splice_actor+0x10/0x10 [ 2812.045633] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2812.045650] ? lock_acquire+0x15e/0x2f0 [ 2812.045666] do_splice_direct+0x179/0x250 [ 2812.045689] ? __pfx_do_splice_direct+0x10/0x10 [ 2812.045704] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2812.045721] ? security_file_permission+0x22/0x90 [ 2812.045740] do_sendfile+0xa8e/0xdc0 [ 2812.045762] ? __pfx_do_sendfile+0x10/0x10 [ 2812.045778] ? __fget_files+0x20d/0x3b0 [ 2812.045803] __x64_sys_sendfile64+0x1d3/0x210 [ 2812.045816] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2812.045836] do_syscall_64+0xbf/0x360 [ 2812.045852] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2812.045869] RIP: 0033:0x7fe5d2196b19 [ 2812.045879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2812.045891] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2812.045904] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2812.045912] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2812.045920] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2812.045927] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2812.045935] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2812.045955] 09:33:04 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fff", 0x9, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2812.122325] FAULT_INJECTION: forcing a failure. [ 2812.122325] name failslab, interval 1, probability 0, space 0, times 0 [ 2812.123488] CPU: 0 UID: 0 PID: 16583 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2812.123505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2812.123512] Call Trace: [ 2812.123517] [ 2812.123523] dump_stack_lvl+0xfa/0x120 [ 2812.123542] should_fail_ex+0x4d7/0x5e0 [ 2812.123566] ? jbd2__journal_start+0x193/0x6b0 [ 2812.123579] should_failslab+0xc2/0x120 [ 2812.123600] kmem_cache_alloc_noprof+0x5f/0x470 [ 2812.123617] ? lock_is_held_type+0x9e/0x120 [ 2812.123635] jbd2__journal_start+0x193/0x6b0 [ 2812.123651] __ext4_journal_start_sb+0x325/0x5d0 [ 2812.123670] ? ext4_dirty_inode+0xa5/0x130 [ 2812.123692] ext4_dirty_inode+0xa5/0x130 [ 2812.123712] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 2812.123729] __mark_inode_dirty+0x1b7/0xd00 [ 2812.123753] generic_update_time+0xcb/0xf0 [ 2812.123773] file_modified+0x1f0/0x230 [ 2812.123786] ext4_file_write_iter+0xca3/0x1990 [ 2812.123812] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2812.123827] ? __kasan_kmalloc+0x7f/0x90 [ 2812.123839] ? trace_kmalloc+0x1f/0xb0 [ 2812.123850] ? __kmalloc_noprof+0x215/0x4b0 [ 2812.123871] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2812.123891] iter_file_splice_write+0x927/0x10c0 [ 2812.123918] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2812.123951] ? lock_is_held_type+0x9e/0x120 [ 2812.123963] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2812.123980] direct_splice_actor+0x192/0x7b0 [ 2812.123997] splice_direct_to_actor+0x347/0x9d0 [ 2812.124013] ? __pfx_direct_splice_actor+0x10/0x10 [ 2812.124032] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2812.124049] ? lock_acquire+0x15e/0x2f0 [ 2812.124067] do_splice_direct+0x179/0x250 [ 2812.124081] ? __pfx_do_splice_direct+0x10/0x10 [ 2812.124097] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2812.124114] ? security_file_permission+0x22/0x90 [ 2812.124132] do_sendfile+0xa8e/0xdc0 [ 2812.124154] ? __pfx_do_sendfile+0x10/0x10 [ 2812.124174] ? perf_trace_preemptirq_template+0x259/0x430 [ 2812.124198] __x64_sys_sendfile64+0x1d3/0x210 [ 2812.124211] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2812.124231] do_syscall_64+0xbf/0x360 [ 2812.124247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2812.124261] RIP: 0033:0x7f7b6ab9db19 [ 2812.124271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2812.124284] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2812.124296] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2812.124305] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2812.124312] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2812.124320] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2812.124327] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2812.124348] [ 2812.145750] loop6: detected capacity change from 0 to 256 [ 2812.150086] loop0: detected capacity change from 0 to 256 [ 2812.157367] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2812.188733] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2812.195411] loop2: detected capacity change from 0 to 288 [ 2812.210988] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2812.216019] FAT-fs (loop2): error, invalid access to FAT (entry 0x000000ff) [ 2812.216587] FAT-fs (loop2): Filesystem has been set read-only [ 2812.279263] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2812.303055] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:14 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000d) 09:33:14 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 50) 09:33:14 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x23, 0x1) 09:33:14 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 46) 09:33:14 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r2 = socket$nl_audit(0x10, 0x3, 0x9) sendfile(r2, r0, &(0x7f0000000000), 0x7c0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) ftruncate(r1, 0x0) 09:33:14 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x10, 0x1) 09:33:14 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fff", 0x9, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:33:14 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 48) [ 2821.991542] loop2: detected capacity change from 0 to 288 [ 2822.001128] loop0: detected capacity change from 0 to 256 [ 2822.015106] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2822.018461] loop6: detected capacity change from 0 to 256 [ 2822.024339] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2822.029673] FAT-fs (loop2): error, invalid access to FAT (entry 0x000000ff) [ 2822.031095] FAT-fs (loop2): Filesystem has been set read-only [ 2822.092585] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2822.146543] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:14 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2c, 0x1) [ 2822.301284] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2822.406735] loop0: detected capacity change from 0 to 256 [ 2822.412394] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2822.448837] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:24 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2d, 0x1) 09:33:24 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000f) 09:33:24 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 49) 09:33:24 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff", 0xb, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:33:24 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x21, 0x1) 09:33:24 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 47) 09:33:24 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 51) 09:33:24 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x7, 0x1, 0x6, 0x101}, {0x8000, 0x1, 0x8a, 0x897c}, {0x0, 0x2, 0x4, 0x2}]}) ftruncate(r0, 0x0) [ 2832.038460] loop6: detected capacity change from 0 to 256 [ 2832.048167] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.091530] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:24 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x22, 0x1) [ 2832.128168] loop6: detected capacity change from 0 to 256 [ 2832.132109] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.146271] FAULT_INJECTION: forcing a failure. [ 2832.146271] name failslab, interval 1, probability 0, space 0, times 0 [ 2832.146277] loop0: detected capacity change from 0 to 256 [ 2832.147193] CPU: 1 UID: 0 PID: 16640 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2832.147212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2832.147221] Call Trace: [ 2832.147227] [ 2832.147233] dump_stack_lvl+0xfa/0x120 [ 2832.147255] should_fail_ex+0x4d7/0x5e0 [ 2832.147282] ? jbd2__journal_start+0x193/0x6b0 [ 2832.147297] should_failslab+0xc2/0x120 [ 2832.147318] kmem_cache_alloc_noprof+0x5f/0x470 [ 2832.147337] ? lock_is_held_type+0x9e/0x120 [ 2832.147358] jbd2__journal_start+0x193/0x6b0 [ 2832.147375] __ext4_journal_start_sb+0x325/0x5d0 [ 2832.147395] ? ext4_file_write_iter+0xd74/0x1990 [ 2832.147415] ext4_file_write_iter+0xd74/0x1990 [ 2832.147440] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2832.147456] ? __kasan_kmalloc+0x7f/0x90 [ 2832.147469] ? trace_kmalloc+0x1f/0xb0 [ 2832.147481] ? __kmalloc_noprof+0x215/0x4b0 [ 2832.147496] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2832.147519] iter_file_splice_write+0x927/0x10c0 [ 2832.147545] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2832.147579] ? lock_is_held_type+0x9e/0x120 [ 2832.147591] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2832.147607] direct_splice_actor+0x192/0x7b0 09:33:24 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x23, 0x1) [ 2832.147625] splice_direct_to_actor+0x347/0x9d0 [ 2832.147641] ? __pfx_direct_splice_actor+0x10/0x10 [ 2832.147661] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2832.147678] ? lock_acquire+0x15e/0x2f0 [ 2832.147696] do_splice_direct+0x179/0x250 [ 2832.147711] ? __pfx_do_splice_direct+0x10/0x10 [ 2832.147726] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2832.147743] ? security_file_permission+0x22/0x90 [ 2832.147762] do_sendfile+0xa8e/0xdc0 [ 2832.147784] ? __pfx_do_sendfile+0x10/0x10 [ 2832.147802] ? __fget_files+0x20d/0x3b0 [ 2832.147827] __x64_sys_sendfile64+0x1d3/0x210 [ 2832.147840] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2832.147865] do_syscall_64+0xbf/0x360 [ 2832.147881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2832.147895] RIP: 0033:0x7f7b6ab9db19 09:33:24 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80010) [ 2832.147906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2832.147917] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2832.147930] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2832.147939] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2832.147947] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2832.147956] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2832.147964] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2832.147985] [ 2832.190595] loop2: detected capacity change from 0 to 288 09:33:24 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 50) [ 2832.215061] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.220556] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.232988] FAT-fs (loop2): error, invalid access to FAT (entry 0x00ffffff) [ 2832.233000] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.236137] FAT-fs (loop2): Filesystem has been set read-only [ 2832.255577] FAULT_INJECTION: forcing a failure. [ 2832.255577] name failslab, interval 1, probability 0, space 0, times 0 [ 2832.257564] CPU: 0 UID: 0 PID: 16646 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2832.257599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2832.257615] Call Trace: [ 2832.257625] [ 2832.257635] dump_stack_lvl+0xfa/0x120 [ 2832.257670] should_fail_ex+0x4d7/0x5e0 [ 2832.257717] ? ext4_find_extent+0x7f5/0xa00 [ 2832.257740] should_failslab+0xc2/0x120 [ 2832.257780] __kmalloc_noprof+0xb4/0x4b0 [ 2832.257825] ext4_find_extent+0x7f5/0xa00 [ 2832.257860] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2832.257932] ? unwind_next_frame+0x3bc/0x2540 [ 2832.257966] ? do_syscall_64+0xbf/0x360 [ 2832.257996] ? perf_trace_lock_acquire+0xc9/0x700 [ 2832.258025] ? perf_trace_lock_acquire+0xc9/0x700 [ 2832.258060] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2832.258105] ? lock_acquire+0x15e/0x2f0 [ 2832.258131] ? ext4_map_blocks+0x569/0x15a0 [ 2832.258180] ? down_write+0x119/0x1f0 [ 2832.258208] ? __pfx_down_write+0x10/0x10 [ 2832.258232] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2832.258275] ext4_map_blocks+0x630/0x15a0 [ 2832.258319] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2832.258349] ? lock_is_held_type+0x9e/0x120 [ 2832.258382] ? jbd2__journal_start+0xf6/0x6b0 [ 2832.258416] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2832.258451] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2832.258485] ? ext4_iomap_begin+0x5b8/0xe80 [ 2832.258527] ext4_iomap_begin+0xa62/0xe80 [ 2832.258560] ? __pfx_perf_trace_lock+0x10/0x10 [ 2832.258606] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2832.258641] ? mark_held_locks+0x49/0x80 [ 2832.258673] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 2832.258710] ? __create_object+0x59/0x80 [ 2832.258740] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2832.258778] iomap_iter+0x54a/0xdb0 [ 2832.258821] __iomap_dio_rw+0x6ac/0x1cf0 [ 2832.258874] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2832.258912] ? lock_release+0xc8/0x290 [ 2832.258938] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2832.258989] ? kasan_quarantine_put+0x84/0x1e0 [ 2832.259062] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2832.259090] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2832.259139] iomap_dio_rw+0x40/0xa0 [ 2832.259177] ext4_file_write_iter+0xe0b/0x1990 [ 2832.259228] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2832.259259] ? __kasan_kmalloc+0x7f/0x90 [ 2832.259284] ? trace_kmalloc+0x1f/0xb0 [ 2832.259306] ? __kmalloc_noprof+0x215/0x4b0 [ 2832.259338] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2832.259380] iter_file_splice_write+0x927/0x10c0 [ 2832.259434] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2832.259503] ? lock_is_held_type+0x9e/0x120 [ 2832.259527] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2832.259561] direct_splice_actor+0x192/0x7b0 [ 2832.259597] splice_direct_to_actor+0x347/0x9d0 [ 2832.259629] ? __pfx_direct_splice_actor+0x10/0x10 [ 2832.259669] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2832.259703] ? lock_acquire+0x15e/0x2f0 [ 2832.259736] do_splice_direct+0x179/0x250 [ 2832.259765] ? __pfx_do_splice_direct+0x10/0x10 [ 2832.259796] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2832.259831] ? security_file_permission+0x22/0x90 [ 2832.259866] do_sendfile+0xa8e/0xdc0 [ 2832.259910] ? __pfx_do_sendfile+0x10/0x10 [ 2832.259944] ? __fget_files+0x20d/0x3b0 [ 2832.259993] __x64_sys_sendfile64+0x1d3/0x210 [ 2832.260020] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2832.260061] do_syscall_64+0xbf/0x360 [ 2832.260091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2832.260117] RIP: 0033:0x7fe5d2196b19 [ 2832.260137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2832.260162] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2832.260186] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2832.260203] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2832.260218] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2832.260233] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2832.260248] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2832.260289] [ 2832.349609] FAULT_INJECTION: forcing a failure. [ 2832.349609] name failslab, interval 1, probability 0, space 0, times 0 [ 2832.350606] CPU: 1 UID: 0 PID: 16648 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2832.350625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2832.350634] Call Trace: [ 2832.350639] [ 2832.350645] dump_stack_lvl+0xfa/0x120 [ 2832.350668] should_fail_ex+0x4d7/0x5e0 [ 2832.350698] should_failslab+0xc2/0x120 [ 2832.350721] __kmalloc_cache_noprof+0x73/0x470 [ 2832.350738] ? __ext4_journal_stop+0xe2/0x1f0 [ 2832.350758] ? ext4_file_write_iter+0xdbd/0x1990 [ 2832.350774] ? iter_file_splice_write+0x927/0x10c0 [ 2832.350790] ? direct_splice_actor+0x192/0x7b0 [ 2832.350804] ? splice_direct_to_actor+0x347/0x9d0 [ 2832.350817] ? __iomap_dio_rw+0x270/0x1cf0 [ 2832.350835] ? do_sendfile+0xa8e/0xdc0 [ 2832.350852] ? do_syscall_64+0xbf/0x360 [ 2832.350874] ? __iomap_dio_rw+0x270/0x1cf0 [ 2832.350890] __iomap_dio_rw+0x270/0x1cf0 [ 2832.350906] ? __pfx_perf_trace_lock+0x10/0x10 [ 2832.350926] ? lock_acquire+0x15e/0x2f0 [ 2832.350940] ? __virt_addr_valid+0x1c6/0x5d0 [ 2832.350963] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2832.350988] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2832.351006] ? lock_release+0xc8/0x290 [ 2832.351020] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2832.351040] ? mark_held_locks+0x49/0x80 [ 2832.351056] ? kasan_quarantine_put+0x84/0x1e0 [ 2832.351091] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2832.351107] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2832.351132] iomap_dio_rw+0x40/0xa0 [ 2832.351151] ext4_file_write_iter+0xe0b/0x1990 [ 2832.351177] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2832.351192] ? __kasan_kmalloc+0x7f/0x90 [ 2832.351205] ? trace_kmalloc+0x1f/0xb0 [ 2832.351217] ? __kmalloc_noprof+0x215/0x4b0 [ 2832.351234] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2832.351254] iter_file_splice_write+0x927/0x10c0 [ 2832.351281] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2832.351314] ? lock_is_held_type+0x9e/0x120 [ 2832.351328] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2832.351345] direct_splice_actor+0x192/0x7b0 [ 2832.351363] splice_direct_to_actor+0x347/0x9d0 [ 2832.351379] ? __pfx_direct_splice_actor+0x10/0x10 [ 2832.351398] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2832.351415] ? lock_acquire+0x15e/0x2f0 [ 2832.351431] do_splice_direct+0x179/0x250 [ 2832.351446] ? __pfx_do_splice_direct+0x10/0x10 [ 2832.351462] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2832.351479] ? security_file_permission+0x22/0x90 [ 2832.351498] do_sendfile+0xa8e/0xdc0 [ 2832.351519] ? __pfx_do_sendfile+0x10/0x10 [ 2832.351536] ? __fget_files+0x20d/0x3b0 [ 2832.351562] __x64_sys_sendfile64+0x1d3/0x210 [ 2832.351576] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2832.351596] do_syscall_64+0xbf/0x360 [ 2832.351612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2832.351626] RIP: 0033:0x7f85c6477b19 [ 2832.351637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2832.351649] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2832.351661] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2832.351670] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2832.351678] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2832.351687] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2832.351695] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2832.351718] 09:33:24 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff", 0xb, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:33:24 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2e, 0x1) [ 2832.437175] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:24 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 48) 09:33:24 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x100, 0x1, 0x23, 0x101}, {0x7, 0x9, 0x3f, 0x101}, {0x8001, 0x8, 0x5, 0x40}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000400)={0x23c0, r2, 0x30, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x20}}}}, [@NL80211_PMSR_ATTR_PEERS={0x180, 0x5, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7ff}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x148, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0xe0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x74, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x1c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98a}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3ff}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7ff}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2cc}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}]}]}]}, @NL80211_PMSR_ATTR_PEERS={0xfcc, 0x5, 0x0, 0x1, [{0x2a4, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x11c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x74, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x20}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xa0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3f}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_REQ={0xf0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x84, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2bb0}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x94}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x76}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x4c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xff00}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x58, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x55}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x70d0}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3ff}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x2d0, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1a}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x94, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x84, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x1cc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x70, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x150, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xff}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xf5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xff}]}]}, {0x25c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x18c}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xff}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x372}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff6b81}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xfffffff8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x170, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xac, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x7c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x40}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x54, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_CENTER_FREQ1={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x99e}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x208}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1000}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1f}, @NL80211_ATTR_CENTER_FREQ1={0x8}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9e05}]}]}, {0x330, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x1b0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x84, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x49}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xde}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xa4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x6c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xff86}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x150, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xf4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1000}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x200}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xb0}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}]}, @NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x20}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0x80, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x99}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x142}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x396}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7fffffff}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1000}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}]}]}, {0x32c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x1b4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xdc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xf56}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xffdc}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1c}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x8c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x225d}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x100}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x168, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x118, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xf8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x11f}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x16}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xf8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x52}]}]}, {0x80, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x5a}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x19}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9a8}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x34d}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xf89774df129d9487}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9c}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1707}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}]}, @NL80211_PMSR_ATTR_PEERS={0xda8, 0x5, 0x0, 0x1, [{0x38, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2e7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x29}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1f0}]}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0xf8, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x8, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0xb4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xa4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfff7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xe993}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x20}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1504}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x200}]}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x3f0, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x1f4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x134, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8da}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x63}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xff}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x78, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x38}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x50}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5d}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x17c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x120, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3cf}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfff9}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x20}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x14, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x137}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x14}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x11}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x27c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x1c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x44, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x23}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1000}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x315}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x1c4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xb4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x40}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x16}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x20}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x108, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1f}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xff}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x14}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x30}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x20}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xf3b0}]}]}, {0x324, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x124, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x10c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1c}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x1bc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xac, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x98d2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xf8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x19c2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8c72}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xc64}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x50}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x10, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0xdc, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0xd8, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xd4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x60}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}]}]}]}, {0x164, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x100, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x401}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8e}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x27}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2d}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x37}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1c}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffffffff}]}]}, {0x6c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3dd}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}]}, @NL80211_PMSR_ATTR_PEERS={0x4a4, 0x5, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xf7}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x601}]}]}, {0x80, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9a8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x29}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x329}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2ca}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1e}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xd4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x18}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x374}]}]}, {0x194, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x263}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x170, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x58, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xe4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xb7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x266}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x16}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}]}]}]}, {0x258, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x130, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x124, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xff}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfffe}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xf0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x70, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x58, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6cb}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xbfa}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1a}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2d}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff}]}]}]}]}, 0x23c0}}, 0x20000000) ftruncate(r0, 0x0) [ 2832.557555] loop6: detected capacity change from 0 to 256 [ 2832.595450] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:25 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 52) [ 2832.641643] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.642682] loop2: detected capacity change from 0 to 288 09:33:25 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2c, 0x1) [ 2832.702389] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.722944] FAT-fs (loop2): error, invalid access to FAT (entry 0x00ffffff) [ 2832.724047] FAT-fs (loop2): Filesystem has been set read-only [ 2832.725583] loop0: detected capacity change from 0 to 256 [ 2832.747290] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.785711] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2832.817442] FAULT_INJECTION: forcing a failure. [ 2832.817442] name failslab, interval 1, probability 0, space 0, times 0 [ 2832.819349] CPU: 0 UID: 0 PID: 16673 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2832.819380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2832.819395] Call Trace: [ 2832.819404] [ 2832.819413] dump_stack_lvl+0xfa/0x120 [ 2832.819446] should_fail_ex+0x4d7/0x5e0 [ 2832.819490] should_failslab+0xc2/0x120 [ 2832.819527] __kmalloc_cache_noprof+0x73/0x470 [ 2832.819555] ? __ext4_journal_stop+0xe2/0x1f0 [ 2832.819586] ? ext4_file_write_iter+0xdbd/0x1990 [ 2832.819615] ? iter_file_splice_write+0x927/0x10c0 [ 2832.819642] ? direct_splice_actor+0x192/0x7b0 [ 2832.819666] ? splice_direct_to_actor+0x347/0x9d0 [ 2832.819690] ? __iomap_dio_rw+0x270/0x1cf0 [ 2832.819719] ? do_sendfile+0xa8e/0xdc0 [ 2832.819756] ? __iomap_dio_rw+0x270/0x1cf0 [ 2832.819785] __iomap_dio_rw+0x270/0x1cf0 [ 2832.819824] ? perf_trace_preemptirq_template+0x259/0x430 [ 2832.819873] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2832.819906] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2832.819938] ? lock_release+0xc8/0x290 [ 2832.819963] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2832.820001] ? mark_held_locks+0x49/0x80 [ 2832.820029] ? kasan_quarantine_put+0x84/0x1e0 [ 2832.820095] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2832.820122] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2832.820166] iomap_dio_rw+0x40/0xa0 [ 2832.820200] ext4_file_write_iter+0xe0b/0x1990 [ 2832.820247] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2832.820275] ? __kasan_kmalloc+0x7f/0x90 [ 2832.820299] ? trace_kmalloc+0x1f/0xb0 [ 2832.820319] ? __kmalloc_noprof+0x215/0x4b0 [ 2832.820348] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2832.820385] iter_file_splice_write+0x927/0x10c0 [ 2832.820434] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2832.820497] ? lock_is_held_type+0x9e/0x120 [ 2832.820519] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2832.820550] direct_splice_actor+0x192/0x7b0 [ 2832.820582] splice_direct_to_actor+0x347/0x9d0 [ 2832.820612] ? __pfx_direct_splice_actor+0x10/0x10 [ 2832.820648] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2832.820679] ? lock_acquire+0x15e/0x2f0 [ 2832.820709] do_splice_direct+0x179/0x250 [ 2832.820736] ? __pfx_do_splice_direct+0x10/0x10 [ 2832.820764] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2832.820796] ? security_file_permission+0x22/0x90 [ 2832.820828] do_sendfile+0xa8e/0xdc0 [ 2832.820868] ? __pfx_do_sendfile+0x10/0x10 [ 2832.820904] ? perf_trace_preemptirq_template+0x259/0x430 [ 2832.820947] __x64_sys_sendfile64+0x1d3/0x210 [ 2832.820970] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2832.821008] do_syscall_64+0xbf/0x360 [ 2832.821036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2832.821060] RIP: 0033:0x7f85c6477b19 [ 2832.821078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2832.821101] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2832.821123] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2832.821139] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2832.821153] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2832.821167] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2832.821181] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2832.821219] 09:33:37 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 51) 09:33:37 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8002f) 09:33:37 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2d, 0x1) 09:33:37 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff", 0xb, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:33:37 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2f, 0x1) 09:33:37 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 49) 09:33:37 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 53) 09:33:37 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0xc5c4, 0x80, 0x0, 0xfffffff9}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) [ 2844.809332] loop0: detected capacity change from 0 to 256 [ 2844.835855] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2844.848796] loop6: detected capacity change from 0 to 256 [ 2844.853512] loop2: detected capacity change from 0 to 288 [ 2844.874100] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2844.878318] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2844.886650] FAT-fs (loop2): error, invalid access to FAT (entry 0x00ffffff) [ 2844.887862] FAT-fs (loop2): Filesystem has been set read-only [ 2844.898429] FAULT_INJECTION: forcing a failure. [ 2844.898429] name failslab, interval 1, probability 0, space 0, times 0 [ 2844.900091] CPU: 0 UID: 0 PID: 16693 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2844.900122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2844.900136] Call Trace: [ 2844.900145] [ 2844.900155] dump_stack_lvl+0xfa/0x120 [ 2844.900189] should_fail_ex+0x4d7/0x5e0 [ 2844.900232] ? jbd2__journal_start+0x193/0x6b0 [ 2844.900257] should_failslab+0xc2/0x120 [ 2844.900294] kmem_cache_alloc_noprof+0x5f/0x470 [ 2844.900325] ? lock_is_held_type+0x9e/0x120 [ 2844.900357] jbd2__journal_start+0x193/0x6b0 [ 2844.900387] __ext4_journal_start_sb+0x325/0x5d0 [ 2844.900421] ? ext4_file_write_iter+0xd74/0x1990 [ 2844.900457] ext4_file_write_iter+0xd74/0x1990 [ 2844.900503] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2844.900532] ? __kasan_kmalloc+0x7f/0x90 [ 2844.900554] ? trace_kmalloc+0x1f/0xb0 [ 2844.900575] ? __kmalloc_noprof+0x215/0x4b0 [ 2844.900604] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2844.900642] iter_file_splice_write+0x927/0x10c0 [ 2844.900692] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2844.900754] ? lock_is_held_type+0x9e/0x120 [ 2844.900775] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2844.900806] direct_splice_actor+0x192/0x7b0 [ 2844.900838] splice_direct_to_actor+0x347/0x9d0 [ 2844.900876] ? __pfx_direct_splice_actor+0x10/0x10 [ 2844.900911] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2844.900942] ? lock_acquire+0x15e/0x2f0 [ 2844.900975] do_splice_direct+0x179/0x250 [ 2844.901002] ? __pfx_do_splice_direct+0x10/0x10 [ 2844.901029] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2844.901061] ? security_file_permission+0x22/0x90 [ 2844.901094] do_sendfile+0xa8e/0xdc0 [ 2844.901134] ? __pfx_do_sendfile+0x10/0x10 [ 2844.901165] ? __fget_files+0x20d/0x3b0 [ 2844.901210] __x64_sys_sendfile64+0x1d3/0x210 [ 2844.901234] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2844.901272] do_syscall_64+0xbf/0x360 [ 2844.901300] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2844.901324] RIP: 0033:0x7fe5d2196b19 [ 2844.901343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2844.901365] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2844.901388] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2844.901403] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2844.901417] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2844.901431] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2844.901445] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2844.901483] [ 2844.969697] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2844.982803] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:37 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2e, 0x1) 09:33:37 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x30, 0x1) 09:33:37 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x931a, 0x4, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x2, r0, 0x7fff, 0x80000}) ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f00000001c0)={'veth0\x00'}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={0x0, 0x2, r0, 0x5}) ioctl$int_out(r0, 0x7e52, &(0x7f0000000180)) r1 = creat(&(0x7f0000000200)='./file0\x00', 0x61) openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000140)={0x0, 0x4, r2, 0x81, 0x80000}) ftruncate(r0, 0x9) 09:33:37 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:33:37 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 50) [ 2845.209245] loop6: detected capacity change from 0 to 256 [ 2845.217196] loop0: detected capacity change from 0 to 256 [ 2845.230581] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2845.245542] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:37 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 52) [ 2845.279835] loop2: detected capacity change from 0 to 288 [ 2845.317358] FAT-fs (loop2): bogus logical sector size 2063 [ 2845.318487] FAT-fs (loop2): Can't find a valid FAT filesystem 09:33:37 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80030) 09:33:37 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 54) [ 2845.374172] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2845.426602] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2845.563609] FAULT_INJECTION: forcing a failure. [ 2845.563609] name failslab, interval 1, probability 0, space 0, times 0 [ 2845.565297] CPU: 0 UID: 0 PID: 16719 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2845.565328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2845.565341] Call Trace: [ 2845.565350] [ 2845.565360] dump_stack_lvl+0xfa/0x120 [ 2845.565392] should_fail_ex+0x4d7/0x5e0 [ 2845.565436] should_failslab+0xc2/0x120 [ 2845.565473] __kmalloc_cache_noprof+0x73/0x470 [ 2845.565501] ? __ext4_journal_stop+0xe2/0x1f0 [ 2845.565532] ? ext4_file_write_iter+0xdbd/0x1990 [ 2845.565560] ? iter_file_splice_write+0x927/0x10c0 [ 2845.565586] ? direct_splice_actor+0x192/0x7b0 [ 2845.565610] ? splice_direct_to_actor+0x347/0x9d0 [ 2845.565634] ? __iomap_dio_rw+0x270/0x1cf0 [ 2845.565662] ? do_sendfile+0xa8e/0xdc0 [ 2845.565699] ? __iomap_dio_rw+0x270/0x1cf0 [ 2845.565728] __iomap_dio_rw+0x270/0x1cf0 [ 2845.565767] ? perf_trace_preemptirq_template+0x259/0x430 [ 2845.565808] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2845.565840] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2845.565879] ? lock_release+0xc8/0x290 [ 2845.565905] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2845.565943] ? mark_held_locks+0x49/0x80 [ 2845.565971] ? kasan_quarantine_put+0x84/0x1e0 [ 2845.566049] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2845.566075] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2845.566119] iomap_dio_rw+0x40/0xa0 [ 2845.566154] ext4_file_write_iter+0xe0b/0x1990 [ 2845.566201] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2845.566229] ? __kasan_kmalloc+0x7f/0x90 [ 2845.566251] ? trace_kmalloc+0x1f/0xb0 [ 2845.566272] ? __kmalloc_noprof+0x215/0x4b0 [ 2845.566302] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2845.566338] iter_file_splice_write+0x927/0x10c0 [ 2845.566388] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2845.566450] ? lock_is_held_type+0x9e/0x120 [ 2845.566473] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2845.566504] direct_splice_actor+0x192/0x7b0 [ 2845.566536] splice_direct_to_actor+0x347/0x9d0 [ 2845.566566] ? __pfx_direct_splice_actor+0x10/0x10 [ 2845.566602] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2845.566633] ? lock_acquire+0x15e/0x2f0 [ 2845.566663] do_splice_direct+0x179/0x250 [ 2845.566690] ? __pfx_do_splice_direct+0x10/0x10 [ 2845.566718] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2845.566750] ? security_file_permission+0x22/0x90 [ 2845.566782] do_sendfile+0xa8e/0xdc0 [ 2845.566822] ? __pfx_do_sendfile+0x10/0x10 [ 2845.566853] ? __fget_files+0x20d/0x3b0 [ 2845.566898] __x64_sys_sendfile64+0x1d3/0x210 [ 2845.566922] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2845.566959] do_syscall_64+0xbf/0x360 [ 2845.566987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2845.567011] RIP: 0033:0x7f7b6ab9db19 [ 2845.567030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2845.567052] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2845.567074] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2845.567089] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2845.567102] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2845.567116] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2845.567130] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2845.567167] [ 2845.648745] FAULT_INJECTION: forcing a failure. [ 2845.648745] name failslab, interval 1, probability 0, space 0, times 0 [ 2845.650251] CPU: 1 UID: 0 PID: 16721 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2845.650275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2845.650286] Call Trace: [ 2845.650292] [ 2845.650299] dump_stack_lvl+0xfa/0x120 [ 2845.650326] should_fail_ex+0x4d7/0x5e0 [ 2845.650364] ? ext4_init_io_end+0x27/0x180 [ 2845.650385] should_failslab+0xc2/0x120 [ 2845.650414] kmem_cache_alloc_noprof+0x5f/0x470 [ 2845.650440] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2845.650465] ext4_init_io_end+0x27/0x180 [ 2845.650484] ext4_do_writepages+0xaa4/0x3230 [ 2845.650535] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2845.650571] ? lock_is_held_type+0x9e/0x120 [ 2845.650593] ext4_writepages+0x369/0x7a0 [ 2845.650620] ? __pfx_ext4_writepages+0x10/0x10 [ 2845.650643] ? __pfx_perf_trace_lock+0x10/0x10 [ 2845.650677] ? lock_release+0xc8/0x290 [ 2845.650697] ? do_raw_spin_unlock+0x53/0x220 [ 2845.650720] ? __pfx_ext4_writepages+0x10/0x10 [ 2845.650748] do_writepages+0x244/0x5c0 [ 2845.650780] filemap_fdatawrite_wbc+0x10b/0x150 [ 2845.650817] __filemap_fdatawrite_range+0xb9/0x100 [ 2845.650854] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2845.650888] ? kasan_save_stack+0x34/0x50 [ 2845.650941] ? __create_object+0x59/0x80 [ 2845.650965] ? __kmalloc_cache_noprof+0x369/0x470 [ 2845.650985] ? __ext4_journal_stop+0xe2/0x1f0 [ 2845.651014] filemap_write_and_wait_range.part.0+0x89/0x110 [ 2845.651042] kiocb_invalidate_pages+0xe4/0x180 [ 2845.651069] __iomap_dio_rw+0xf9f/0x1cf0 [ 2845.651107] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2845.651133] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2845.651157] ? lock_release+0xc8/0x290 [ 2845.651175] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2845.651203] ? mark_held_locks+0x49/0x80 [ 2845.651224] ? kasan_quarantine_put+0x84/0x1e0 [ 2845.651274] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2845.651295] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2845.651335] iomap_dio_rw+0x40/0xa0 [ 2845.651361] ext4_file_write_iter+0xe0b/0x1990 [ 2845.651397] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2845.651418] ? __kasan_kmalloc+0x7f/0x90 [ 2845.651434] ? trace_kmalloc+0x1f/0xb0 [ 2845.651450] ? __kmalloc_noprof+0x215/0x4b0 [ 2845.651471] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2845.651500] iter_file_splice_write+0x927/0x10c0 [ 2845.651537] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2845.651583] ? lock_is_held_type+0x9e/0x120 [ 2845.651599] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2845.651622] direct_splice_actor+0x192/0x7b0 [ 2845.651646] splice_direct_to_actor+0x347/0x9d0 [ 2845.651668] ? __pfx_direct_splice_actor+0x10/0x10 [ 2845.651695] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2845.651718] ? lock_acquire+0x15e/0x2f0 [ 2845.651741] do_splice_direct+0x179/0x250 [ 2845.651762] ? __pfx_do_splice_direct+0x10/0x10 [ 2845.651793] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2845.651820] ? security_file_permission+0x22/0x90 [ 2845.651846] do_sendfile+0xa8e/0xdc0 [ 2845.651876] ? __pfx_do_sendfile+0x10/0x10 [ 2845.651900] ? __fget_files+0x20d/0x3b0 [ 2845.651934] __x64_sys_sendfile64+0x1d3/0x210 [ 2845.651953] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2845.651980] do_syscall_64+0xbf/0x360 [ 2845.652002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2845.652020] RIP: 0033:0x7f85c6477b19 [ 2845.652034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2845.652051] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2845.652067] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2845.652080] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2845.652091] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2845.652101] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2845.652112] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2845.652140] 09:33:49 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 55) 09:33:49 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8004f) 09:33:49 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x31, 0x1) 09:33:49 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2f, 0x1) 09:33:49 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:33:49 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r1, &(0x7f00000000c0)=[{&(0x7f0000000000)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000100)) ftruncate(r0, 0x0) 09:33:49 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 51) 09:33:49 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 53) [ 2857.176820] loop2: detected capacity change from 0 to 288 [ 2857.177394] loop0: detected capacity change from 0 to 256 [ 2857.178561] loop6: detected capacity change from 0 to 256 [ 2857.188318] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2857.199368] FAT-fs (loop2): bogus logical sector size 2063 [ 2857.199972] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2857.229959] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2857.232009] FAULT_INJECTION: forcing a failure. [ 2857.232009] name failslab, interval 1, probability 0, space 0, times 0 [ 2857.234270] CPU: 1 UID: 0 PID: 16739 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2857.234304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2857.234318] Call Trace: [ 2857.234327] [ 2857.234337] dump_stack_lvl+0xfa/0x120 [ 2857.234369] should_fail_ex+0x4d7/0x5e0 [ 2857.234411] ? ext4_find_extent+0x7f5/0xa00 [ 2857.234434] should_failslab+0xc2/0x120 [ 2857.234473] __kmalloc_noprof+0xb4/0x4b0 [ 2857.234517] ext4_find_extent+0x7f5/0xa00 [ 2857.234551] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2857.234595] ? unwind_next_frame+0x3bc/0x2540 [ 2857.234628] ? do_syscall_64+0xbf/0x360 [ 2857.234655] ? perf_trace_lock_acquire+0xc9/0x700 [ 2857.234682] ? perf_trace_lock_acquire+0xc9/0x700 [ 2857.234714] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2857.234756] ? lock_acquire+0x15e/0x2f0 [ 2857.234779] ? ext4_map_blocks+0x569/0x15a0 [ 2857.234825] ? down_write+0x119/0x1f0 [ 2857.234851] ? __pfx_down_write+0x10/0x10 [ 2857.234881] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2857.234920] ext4_map_blocks+0x630/0x15a0 [ 2857.234961] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2857.234987] ? lock_is_held_type+0x9e/0x120 [ 2857.235018] ? jbd2__journal_start+0xf6/0x6b0 [ 2857.235050] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2857.235082] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2857.235113] ? ext4_iomap_begin+0x5b8/0xe80 [ 2857.235152] ext4_iomap_begin+0xa62/0xe80 [ 2857.235202] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2857.235247] ? __create_object+0x59/0x80 [ 2857.235275] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2857.235310] iomap_iter+0x54a/0xdb0 [ 2857.235349] __iomap_dio_rw+0x6ac/0x1cf0 [ 2857.235398] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2857.235433] ? lock_release+0xc8/0x290 [ 2857.235458] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2857.235504] ? kasan_quarantine_put+0x84/0x1e0 [ 2857.235571] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2857.235596] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2857.235640] iomap_dio_rw+0x40/0xa0 [ 2857.235675] ext4_file_write_iter+0xe0b/0x1990 [ 2857.235722] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2857.235751] ? __kasan_kmalloc+0x7f/0x90 [ 2857.235774] ? trace_kmalloc+0x1f/0xb0 [ 2857.235794] ? __kmalloc_noprof+0x215/0x4b0 [ 2857.235823] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2857.235861] iter_file_splice_write+0x927/0x10c0 [ 2857.235911] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2857.235974] ? lock_is_held_type+0x9e/0x120 [ 2857.235996] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2857.236027] direct_splice_actor+0x192/0x7b0 [ 2857.236059] splice_direct_to_actor+0x347/0x9d0 [ 2857.236089] ? __pfx_direct_splice_actor+0x10/0x10 [ 2857.236125] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2857.236157] ? lock_acquire+0x15e/0x2f0 [ 2857.236187] do_splice_direct+0x179/0x250 [ 2857.236214] ? __pfx_do_splice_direct+0x10/0x10 [ 2857.236242] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2857.236275] ? security_file_permission+0x22/0x90 [ 2857.236307] do_sendfile+0xa8e/0xdc0 [ 2857.236347] ? __pfx_do_sendfile+0x10/0x10 [ 2857.236378] ? __fget_files+0x20d/0x3b0 [ 2857.236424] __x64_sys_sendfile64+0x1d3/0x210 [ 2857.236448] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2857.236486] do_syscall_64+0xbf/0x360 [ 2857.236513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2857.236537] RIP: 0033:0x7f85c6477b19 [ 2857.236556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2857.236580] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2857.236602] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2857.236618] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2857.236632] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2857.236646] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2857.236659] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2857.236697] 09:33:49 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x30, 0x1) 09:33:49 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2857.304041] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2857.306481] FAULT_INJECTION: forcing a failure. [ 2857.306481] name failslab, interval 1, probability 0, space 0, times 0 [ 2857.307482] CPU: 0 UID: 0 PID: 16738 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2857.307502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2857.307512] Call Trace: [ 2857.307518] [ 2857.307524] dump_stack_lvl+0xfa/0x120 [ 2857.307548] should_fail_ex+0x4d7/0x5e0 [ 2857.307579] should_failslab+0xc2/0x120 [ 2857.307604] __kmalloc_cache_noprof+0x73/0x470 [ 2857.307623] ? __ext4_journal_stop+0xe2/0x1f0 [ 2857.307644] ? ext4_file_write_iter+0xdbd/0x1990 [ 2857.307663] ? iter_file_splice_write+0x927/0x10c0 [ 2857.307681] ? direct_splice_actor+0x192/0x7b0 [ 2857.307697] ? splice_direct_to_actor+0x347/0x9d0 [ 2857.307712] ? __iomap_dio_rw+0x270/0x1cf0 [ 2857.307732] ? do_sendfile+0xa8e/0xdc0 [ 2857.307751] ? do_syscall_64+0xbf/0x360 [ 2857.307772] ? __iomap_dio_rw+0x270/0x1cf0 [ 2857.307793] __iomap_dio_rw+0x270/0x1cf0 [ 2857.307811] ? __pfx_perf_trace_lock+0x10/0x10 [ 2857.307834] ? lock_acquire+0x15e/0x2f0 [ 2857.307849] ? __virt_addr_valid+0x1c6/0x5d0 [ 2857.307878] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2857.307900] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2857.307921] ? lock_release+0xc8/0x290 [ 2857.307936] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2857.307959] ? mark_held_locks+0x49/0x80 [ 2857.307977] ? kasan_quarantine_put+0x84/0x1e0 [ 2857.308017] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2857.308035] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2857.308063] iomap_dio_rw+0x40/0xa0 [ 2857.308085] ext4_file_write_iter+0xe0b/0x1990 [ 2857.308114] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2857.308131] ? __kasan_kmalloc+0x7f/0x90 [ 2857.308146] ? trace_kmalloc+0x1f/0xb0 [ 2857.308159] ? __kmalloc_noprof+0x215/0x4b0 [ 2857.308177] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2857.308200] iter_file_splice_write+0x927/0x10c0 [ 2857.308230] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2857.308267] ? lock_is_held_type+0x9e/0x120 [ 2857.308282] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2857.308302] direct_splice_actor+0x192/0x7b0 [ 2857.308322] splice_direct_to_actor+0x347/0x9d0 [ 2857.308340] ? __pfx_direct_splice_actor+0x10/0x10 [ 2857.308362] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2857.308381] ? lock_acquire+0x15e/0x2f0 [ 2857.308400] do_splice_direct+0x179/0x250 [ 2857.308417] ? __pfx_do_splice_direct+0x10/0x10 [ 2857.308434] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2857.308454] ? security_file_permission+0x22/0x90 [ 2857.308475] do_sendfile+0xa8e/0xdc0 [ 2857.308500] ? __pfx_do_sendfile+0x10/0x10 [ 2857.308519] ? __fget_files+0x20d/0x3b0 [ 2857.308548] __x64_sys_sendfile64+0x1d3/0x210 [ 2857.308563] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2857.308586] do_syscall_64+0xbf/0x360 [ 2857.308603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2857.308618] RIP: 0033:0x7fe5d2196b19 [ 2857.308631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2857.308645] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2857.308659] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2857.308668] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2857.308677] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2857.308685] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2857.308694] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2857.308717] [ 2857.409430] loop6: detected capacity change from 0 to 256 09:33:49 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 52) 09:33:49 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 56) 09:33:49 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x32, 0x1) [ 2857.432404] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:49 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 54) [ 2857.481234] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2857.536134] loop2: detected capacity change from 0 to 288 09:33:50 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x10) ftruncate(r0, 0x0) [ 2857.586288] FAT-fs (loop2): bogus logical sector size 2063 [ 2857.587462] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2857.606333] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:33:50 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x31, 0x1) [ 2857.637609] loop0: detected capacity change from 0 to 256 [ 2857.643338] FAULT_INJECTION: forcing a failure. [ 2857.643338] name failslab, interval 1, probability 0, space 0, times 0 [ 2857.645004] CPU: 1 UID: 0 PID: 16754 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2857.645035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2857.645049] Call Trace: [ 2857.645058] [ 2857.645068] dump_stack_lvl+0xfa/0x120 [ 2857.645100] should_fail_ex+0x4d7/0x5e0 [ 2857.645144] should_failslab+0xc2/0x120 [ 2857.645181] __kmalloc_cache_noprof+0x73/0x470 [ 2857.645209] ? __ext4_journal_stop+0xe2/0x1f0 [ 2857.645241] ? ext4_file_write_iter+0xdbd/0x1990 [ 2857.645270] ? iter_file_splice_write+0x927/0x10c0 [ 2857.645296] ? direct_splice_actor+0x192/0x7b0 [ 2857.645320] ? splice_direct_to_actor+0x347/0x9d0 [ 2857.645344] ? __iomap_dio_rw+0x270/0x1cf0 [ 2857.645372] ? do_sendfile+0xa8e/0xdc0 [ 2857.645402] ? do_syscall_64+0xbf/0x360 [ 2857.645433] ? __iomap_dio_rw+0x270/0x1cf0 [ 2857.645461] __iomap_dio_rw+0x270/0x1cf0 [ 2857.645490] ? __pfx_perf_trace_lock+0x10/0x10 [ 2857.645524] ? lock_acquire+0x15e/0x2f0 [ 2857.645547] ? __virt_addr_valid+0x1c6/0x5d0 [ 2857.645585] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2857.645618] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2857.645650] ? lock_release+0xc8/0x290 [ 2857.645674] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2857.645713] ? mark_held_locks+0x49/0x80 [ 2857.645741] ? kasan_quarantine_put+0x84/0x1e0 [ 2857.645807] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2857.645834] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2857.645886] iomap_dio_rw+0x40/0xa0 [ 2857.645921] ext4_file_write_iter+0xe0b/0x1990 [ 2857.645968] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2857.645996] ? __kasan_kmalloc+0x7f/0x90 [ 2857.646019] ? trace_kmalloc+0x1f/0xb0 [ 2857.646039] ? __kmalloc_noprof+0x215/0x4b0 [ 2857.646069] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2857.646105] iter_file_splice_write+0x927/0x10c0 [ 2857.646165] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2857.646228] ? lock_is_held_type+0x9e/0x120 [ 2857.646250] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2857.646281] direct_splice_actor+0x192/0x7b0 [ 2857.646313] splice_direct_to_actor+0x347/0x9d0 [ 2857.646343] ? __pfx_direct_splice_actor+0x10/0x10 [ 2857.646379] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2857.646410] ? lock_acquire+0x15e/0x2f0 [ 2857.646440] do_splice_direct+0x179/0x250 [ 2857.646466] ? __pfx_do_splice_direct+0x10/0x10 [ 2857.646494] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2857.646526] ? security_file_permission+0x22/0x90 [ 2857.646559] do_sendfile+0xa8e/0xdc0 [ 2857.646598] ? __pfx_do_sendfile+0x10/0x10 [ 2857.646629] ? __fget_files+0x20d/0x3b0 [ 2857.646674] __x64_sys_sendfile64+0x1d3/0x210 [ 2857.646698] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2857.646735] do_syscall_64+0xbf/0x360 [ 2857.646763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2857.646786] RIP: 0033:0x7fe5d2196b19 [ 2857.646805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2857.646827] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2857.646849] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2857.646864] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2857.646878] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2857.646892] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2857.646906] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2857.646944] [ 2857.716431] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2857.821664] loop6: detected capacity change from 0 to 256 [ 2857.843494] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2857.868185] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2857.996241] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:02 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 55) 09:34:02 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 57) 09:34:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:34:02 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80050) 09:34:02 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x33, 0x1) 09:34:02 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 53) 09:34:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x32, 0x1) 09:34:02 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r1, &(0x7f00000000c0), 0x0, 0x7ffff, 0x0, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000000)={r2, 0x3, r0, 0x8001}) r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r3, 0x0) [ 2870.093591] loop0: detected capacity change from 0 to 256 [ 2870.097266] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2870.145612] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:02 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x38, 0x1) [ 2870.174927] loop6: detected capacity change from 0 to 256 [ 2870.176649] loop2: detected capacity change from 0 to 288 [ 2870.208431] FAULT_INJECTION: forcing a failure. [ 2870.208431] name failslab, interval 1, probability 0, space 0, times 0 [ 2870.210466] CPU: 1 UID: 0 PID: 16784 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2870.210502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2870.210517] Call Trace: [ 2870.210526] [ 2870.210537] dump_stack_lvl+0xfa/0x120 [ 2870.210573] should_fail_ex+0x4d7/0x5e0 [ 2870.210620] ? ext4_find_extent+0x7f5/0xa00 [ 2870.210644] should_failslab+0xc2/0x120 [ 2870.210686] __kmalloc_noprof+0xb4/0x4b0 [ 2870.210732] ext4_find_extent+0x7f5/0xa00 [ 2870.210769] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2870.210818] ? unwind_next_frame+0x3bc/0x2540 [ 2870.210853] ? do_syscall_64+0xbf/0x360 [ 2870.210892] ? perf_trace_lock_acquire+0xc9/0x700 [ 2870.210922] ? perf_trace_lock_acquire+0xc9/0x700 [ 2870.210958] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2870.211006] ? lock_acquire+0x15e/0x2f0 [ 2870.211032] ? ext4_map_blocks+0x569/0x15a0 [ 2870.211084] ? down_write+0x119/0x1f0 [ 2870.211112] ? __pfx_down_write+0x10/0x10 [ 2870.211138] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2870.211182] ext4_map_blocks+0x630/0x15a0 [ 2870.211228] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2870.211259] ? lock_is_held_type+0x9e/0x120 [ 2870.211293] ? jbd2__journal_start+0xf6/0x6b0 [ 2870.211329] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2870.211364] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2870.211399] ? ext4_iomap_begin+0x5b8/0xe80 [ 2870.211443] ext4_iomap_begin+0xa62/0xe80 [ 2870.211500] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2870.211551] ? __create_object+0x59/0x80 [ 2870.211582] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2870.211622] iomap_iter+0x54a/0xdb0 [ 2870.211666] __iomap_dio_rw+0x6ac/0x1cf0 [ 2870.211722] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2870.211761] ? lock_release+0xc8/0x290 [ 2870.211788] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2870.211842] ? kasan_quarantine_put+0x84/0x1e0 [ 2870.211918] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2870.211947] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2870.211997] iomap_dio_rw+0x40/0xa0 [ 2870.212038] ext4_file_write_iter+0xe0b/0x1990 [ 2870.212091] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2870.212123] ? __kasan_kmalloc+0x7f/0x90 [ 2870.212148] ? trace_kmalloc+0x1f/0xb0 [ 2870.212171] ? __kmalloc_noprof+0x215/0x4b0 [ 2870.212204] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2870.212247] iter_file_splice_write+0x927/0x10c0 [ 2870.212303] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2870.212376] ? lock_is_held_type+0x9e/0x120 [ 2870.212400] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2870.212436] direct_splice_actor+0x192/0x7b0 [ 2870.212473] splice_direct_to_actor+0x347/0x9d0 [ 2870.212507] ? __pfx_direct_splice_actor+0x10/0x10 [ 2870.212548] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2870.212584] ? lock_acquire+0x15e/0x2f0 [ 2870.212618] do_splice_direct+0x179/0x250 [ 2870.212649] ? __pfx_do_splice_direct+0x10/0x10 [ 2870.212681] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2870.212718] ? security_file_permission+0x22/0x90 [ 2870.212755] do_sendfile+0xa8e/0xdc0 [ 2870.212801] ? __pfx_do_sendfile+0x10/0x10 [ 2870.212837] ? __fget_files+0x20d/0x3b0 [ 2870.212888] __x64_sys_sendfile64+0x1d3/0x210 [ 2870.212915] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2870.212958] do_syscall_64+0xbf/0x360 [ 2870.212989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2870.213016] RIP: 0033:0x7f7b6ab9db19 [ 2870.213036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2870.213061] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2870.213086] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2870.213104] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2870.213119] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2870.213135] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2870.213151] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2870.213194] [ 2870.216321] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2870.220815] FAT-fs (loop2): bogus number of reserved sectors [ 2870.274519] FAT-fs (loop2): Can't find a valid FAT filesystem 09:34:02 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 56) [ 2870.301328] FAULT_INJECTION: forcing a failure. [ 2870.301328] name failslab, interval 1, probability 0, space 0, times 0 [ 2870.303601] CPU: 1 UID: 0 PID: 16786 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2870.303636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2870.303650] Call Trace: [ 2870.303660] [ 2870.303670] dump_stack_lvl+0xfa/0x120 [ 2870.303705] should_fail_ex+0x4d7/0x5e0 [ 2870.303752] ? jbd2__journal_start+0x193/0x6b0 [ 2870.303778] should_failslab+0xc2/0x120 [ 2870.303819] kmem_cache_alloc_noprof+0x5f/0x470 [ 2870.303853] ? lock_is_held_type+0x9e/0x120 [ 2870.303896] jbd2__journal_start+0x193/0x6b0 [ 2870.303930] __ext4_journal_start_sb+0x325/0x5d0 [ 2870.303968] ? ext4_iomap_begin+0x5b8/0xe80 [ 2870.304011] ext4_iomap_begin+0x5b8/0xe80 [ 2870.304068] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2870.304118] ? __create_object+0x59/0x80 [ 2870.304148] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2870.304188] iomap_iter+0x54a/0xdb0 [ 2870.304231] __iomap_dio_rw+0x6ac/0x1cf0 [ 2870.304286] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2870.304324] ? lock_release+0xc8/0x290 [ 2870.304352] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2870.304405] ? kasan_quarantine_put+0x84/0x1e0 [ 2870.304479] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2870.304508] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2870.304558] iomap_dio_rw+0x40/0xa0 [ 2870.304597] ext4_file_write_iter+0xe0b/0x1990 [ 2870.304649] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2870.304681] ? __kasan_kmalloc+0x7f/0x90 [ 2870.304706] ? trace_kmalloc+0x1f/0xb0 [ 2870.304729] ? __kmalloc_noprof+0x215/0x4b0 [ 2870.304761] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2870.304804] iter_file_splice_write+0x927/0x10c0 [ 2870.304859] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2870.304929] ? lock_is_held_type+0x9e/0x120 [ 2870.304953] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2870.304989] direct_splice_actor+0x192/0x7b0 [ 2870.305025] splice_direct_to_actor+0x347/0x9d0 [ 2870.305058] ? __pfx_direct_splice_actor+0x10/0x10 [ 2870.305098] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2870.305133] ? lock_acquire+0x15e/0x2f0 [ 2870.305167] do_splice_direct+0x179/0x250 [ 2870.305197] ? __pfx_do_splice_direct+0x10/0x10 [ 2870.305229] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2870.305265] ? security_file_permission+0x22/0x90 [ 2870.305301] do_sendfile+0xa8e/0xdc0 [ 2870.305346] ? __pfx_do_sendfile+0x10/0x10 [ 2870.305381] ? __fget_files+0x20d/0x3b0 [ 2870.305431] __x64_sys_sendfile64+0x1d3/0x210 [ 2870.305458] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2870.305500] do_syscall_64+0xbf/0x360 [ 2870.305531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2870.305558] RIP: 0033:0x7fe5d2196b19 [ 2870.305578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2870.305603] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2870.305627] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2870.305645] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2870.305660] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2870.305676] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2870.305692] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2870.305734] [ 2870.317459] loop0: detected capacity change from 0 to 256 [ 2870.381004] FAULT_INJECTION: forcing a failure. [ 2870.381004] name failslab, interval 1, probability 0, space 0, times 0 [ 2870.381917] CPU: 0 UID: 0 PID: 16795 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2870.381935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2870.381943] Call Trace: [ 2870.381949] [ 2870.381955] dump_stack_lvl+0xfa/0x120 [ 2870.381979] should_fail_ex+0x4d7/0x5e0 [ 2870.382007] ? jbd2__journal_start+0x193/0x6b0 [ 2870.382023] should_failslab+0xc2/0x120 [ 2870.382046] kmem_cache_alloc_noprof+0x5f/0x470 [ 2870.382065] ? lock_is_held_type+0x9e/0x120 [ 2870.382084] jbd2__journal_start+0x193/0x6b0 [ 2870.382101] __ext4_journal_start_sb+0x325/0x5d0 [ 2870.382121] ? ext4_iomap_begin+0x5b8/0xe80 [ 2870.382143] ext4_iomap_begin+0x5b8/0xe80 [ 2870.382171] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2870.382195] ? __create_object+0x59/0x80 [ 2870.382213] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2870.382232] iomap_iter+0x54a/0xdb0 [ 2870.382255] __iomap_dio_rw+0x6ac/0x1cf0 [ 2870.382289] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2870.382314] ? lock_release+0xc8/0x290 [ 2870.382330] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2870.382355] ? kasan_quarantine_put+0x84/0x1e0 [ 2870.382390] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2870.382405] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2870.382430] iomap_dio_rw+0x40/0xa0 [ 2870.382449] ext4_file_write_iter+0xe0b/0x1990 [ 2870.382476] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2870.382491] ? __kasan_kmalloc+0x7f/0x90 [ 2870.382504] ? trace_kmalloc+0x1f/0xb0 [ 2870.382516] ? __kmalloc_noprof+0x215/0x4b0 [ 2870.382531] ? perf_trace_run_bpf_submit+0xef/0x180 [ 2870.382547] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2870.382569] iter_file_splice_write+0x927/0x10c0 [ 2870.382596] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2870.382630] ? lock_is_held_type+0x9e/0x120 [ 2870.382642] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2870.382659] direct_splice_actor+0x192/0x7b0 [ 2870.382676] splice_direct_to_actor+0x347/0x9d0 [ 2870.382693] ? __pfx_direct_splice_actor+0x10/0x10 [ 2870.382712] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2870.382729] ? lock_acquire+0x15e/0x2f0 [ 2870.382746] do_splice_direct+0x179/0x250 [ 2870.382760] ? __pfx_do_splice_direct+0x10/0x10 [ 2870.382776] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2870.382793] ? security_file_permission+0x22/0x90 [ 2870.382813] do_sendfile+0xa8e/0xdc0 [ 2870.382836] ? __pfx_do_sendfile+0x10/0x10 [ 2870.382855] ? perf_trace_preemptirq_template+0x259/0x430 [ 2870.382883] __x64_sys_sendfile64+0x1d3/0x210 [ 2870.382897] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2870.382917] do_syscall_64+0xbf/0x360 [ 2870.382934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2870.382948] RIP: 0033:0x7f7b6ab9db19 [ 2870.382959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2870.382972] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2870.382985] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2870.382993] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2870.383001] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2870.383009] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2870.383018] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2870.383039] [ 2870.418400] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x38, 0x1) [ 2870.434186] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:02 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) fchmod(r0, 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0xa, &(0x7f0000000100)=[{0x3, 0x9, 0xf7, 0x800}, {0x1ff, 0x0, 0x0, 0x40}, {0xb94, 0x8, 0x2, 0xf7f1}, {0x2, 0x3, 0xa4, 0x9}, {0x1f, 0x22, 0xfc, 0x8}, {0xfff, 0x6, 0x80, 0x24}, {0x5, 0x1f, 0x81, 0xffff}, {0xe1e4, 0x5, 0x7, 0xffffffe0}, {0x8001, 0x1f, 0x81, 0x5}, {0x81, 0x8, 0xb4, 0xf23}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x8, &(0x7f0000000000)=[{0x7, 0x9, 0x8, 0x3}, {0x100, 0x89, 0x4, 0x4df}, {0x6, 0xa9, 0xc2, 0x8000}, {0xff, 0x64, 0xf7, 0xffff}, {0x3f, 0x0, 0x0, 0x8}, {0xff, 0x6, 0x4, 0x4}, {0x1f, 0xff, 0x3, 0x8000}, {0xa00, 0x0, 0x9, 0x8}]}) [ 2870.580493] loop6: detected capacity change from 0 to 256 [ 2870.590120] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2870.635240] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:14 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 57) 09:34:14 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x60, 0x1) 09:34:14 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x60, 0x1) 09:34:14 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 54) 09:34:14 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = getpgid(0x0) r3 = fork() kcmp(r3, r2, 0x0, r1, r1) sched_getattr(r2, &(0x7f0000000040)={0x38}, 0x38, 0x0) fcntl$setown(r0, 0x8, r3) ftruncate(0xffffffffffffffff, 0x0) 09:34:14 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8005f) 09:34:14 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:34:14 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 58) [ 2882.134455] loop6: detected capacity change from 0 to 256 [ 2882.143113] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2882.175233] FAULT_INJECTION: forcing a failure. [ 2882.175233] name failslab, interval 1, probability 0, space 0, times 0 [ 2882.176225] CPU: 1 UID: 0 PID: 16815 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2882.176244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2882.176253] Call Trace: [ 2882.176258] [ 2882.176264] dump_stack_lvl+0xfa/0x120 [ 2882.176286] should_fail_ex+0x4d7/0x5e0 [ 2882.176314] ? ext4_find_extent+0x7f5/0xa00 [ 2882.176328] should_failslab+0xc2/0x120 [ 2882.176350] __kmalloc_noprof+0xb4/0x4b0 [ 2882.176374] ext4_find_extent+0x7f5/0xa00 [ 2882.176393] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2882.176417] ? unwind_next_frame+0x3bc/0x2540 [ 2882.176437] ? do_syscall_64+0xbf/0x360 [ 2882.176453] ? perf_trace_lock_acquire+0xc9/0x700 [ 2882.176469] ? perf_trace_lock_acquire+0xc9/0x700 [ 2882.176487] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2882.176512] ? lock_acquire+0x15e/0x2f0 [ 2882.176527] ? ext4_map_blocks+0x569/0x15a0 [ 2882.176554] ? down_write+0x119/0x1f0 [ 2882.176569] ? __pfx_down_write+0x10/0x10 [ 2882.176582] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2882.176604] ext4_map_blocks+0x630/0x15a0 [ 2882.176628] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2882.176644] ? lock_is_held_type+0x9e/0x120 [ 2882.176662] ? jbd2__journal_start+0xf6/0x6b0 [ 2882.176681] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2882.176699] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2882.176717] ? ext4_iomap_begin+0x5b8/0xe80 [ 2882.176739] ext4_iomap_begin+0xa62/0xe80 [ 2882.176772] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2882.176807] ? __create_object+0x59/0x80 [ 2882.176824] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2882.176844] iomap_iter+0x54a/0xdb0 [ 2882.176871] __iomap_dio_rw+0x6ac/0x1cf0 [ 2882.176899] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2882.176920] ? lock_release+0xc8/0x290 [ 2882.176935] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2882.176961] ? kasan_quarantine_put+0x84/0x1e0 [ 2882.176999] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2882.177014] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2882.177039] iomap_dio_rw+0x40/0xa0 [ 2882.177062] ext4_file_write_iter+0xe0b/0x1990 [ 2882.177088] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2882.177105] ? __kasan_kmalloc+0x7f/0x90 [ 2882.177118] ? trace_kmalloc+0x1f/0xb0 [ 2882.177130] ? __kmalloc_noprof+0x215/0x4b0 [ 2882.177146] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2882.177168] iter_file_splice_write+0x927/0x10c0 [ 2882.177197] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2882.177232] ? lock_is_held_type+0x9e/0x120 [ 2882.177245] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2882.177262] direct_splice_actor+0x192/0x7b0 [ 2882.177281] splice_direct_to_actor+0x347/0x9d0 [ 2882.177298] ? __pfx_direct_splice_actor+0x10/0x10 [ 2882.177320] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2882.177337] ? lock_acquire+0x15e/0x2f0 [ 2882.177354] do_splice_direct+0x179/0x250 [ 2882.177369] ? __pfx_do_splice_direct+0x10/0x10 [ 2882.177385] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2882.177404] ? security_file_permission+0x22/0x90 [ 2882.177424] do_sendfile+0xa8e/0xdc0 [ 2882.177447] ? __pfx_do_sendfile+0x10/0x10 [ 2882.177465] ? __fget_files+0x20d/0x3b0 [ 2882.177491] __x64_sys_sendfile64+0x1d3/0x210 [ 2882.177505] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2882.177526] do_syscall_64+0xbf/0x360 [ 2882.177542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2882.177556] RIP: 0033:0x7f85c6477b19 [ 2882.177567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2882.177581] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2882.177594] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2882.177602] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2882.177611] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2882.177619] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2882.177627] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2882.177653] 09:34:14 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xf0, 0x1) [ 2882.226174] loop2: detected capacity change from 0 to 288 [ 2882.231124] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2882.239756] FAT-fs (loop2): bogus number of reserved sectors [ 2882.240274] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2882.288183] loop0: detected capacity change from 0 to 256 [ 2882.318953] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:14 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2882.349201] loop6: detected capacity change from 0 to 256 09:34:14 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 59) [ 2882.368246] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:14 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000180)) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000) fallocate(r4, 0x9, 0x6, 0x8001) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r5, 0x0) [ 2882.438828] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:14 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xf0, 0x1) [ 2882.462239] loop2: detected capacity change from 0 to 288 [ 2882.485166] FAT-fs (loop2): bogus number of reserved sectors [ 2882.486292] FAT-fs (loop2): Can't find a valid FAT filesystem 09:34:14 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 55) 09:34:14 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 58) 09:34:15 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80060) [ 2882.593568] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:15 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x239, 0x1) [ 2882.605741] FAULT_INJECTION: forcing a failure. [ 2882.605741] name failslab, interval 1, probability 0, space 0, times 0 [ 2882.607977] CPU: 1 UID: 0 PID: 16836 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2882.608011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2882.608027] Call Trace: [ 2882.608036] [ 2882.608046] dump_stack_lvl+0xfa/0x120 [ 2882.608081] should_fail_ex+0x4d7/0x5e0 [ 2882.608126] ? ext4_mb_new_blocks+0x64e/0x4570 [ 2882.608160] should_failslab+0xc2/0x120 [ 2882.608199] kmem_cache_alloc_noprof+0x5f/0x470 [ 2882.608231] ? ext4_dirty_inode+0xf1/0x130 [ 2882.608270] ? __mark_inode_dirty+0x254/0xd00 [ 2882.608315] ext4_mb_new_blocks+0x64e/0x4570 [ 2882.608366] ? kasan_save_track+0x14/0x30 [ 2882.608389] ? __kasan_kmalloc+0x7f/0x90 [ 2882.608420] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 2882.608456] ? ext4_ext_search_right+0x2e8/0xbd0 [ 2882.608509] ext4_ext_map_blocks+0x1c55/0x5f30 [ 2882.608557] ? unwind_next_frame+0x3bc/0x2540 [ 2882.608592] ? do_syscall_64+0xbf/0x360 [ 2882.608622] ? perf_trace_lock_acquire+0xc9/0x700 [ 2882.608653] ? perf_trace_lock_acquire+0xc9/0x700 [ 2882.608689] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2882.608735] ? lock_acquire+0x15e/0x2f0 [ 2882.608767] ? ext4_map_blocks+0x569/0x15a0 [ 2882.608820] ? __pfx_down_write+0x10/0x10 [ 2882.608847] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2882.608896] ext4_map_blocks+0x630/0x15a0 [ 2882.608941] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2882.608971] ? lock_is_held_type+0x9e/0x120 [ 2882.609004] ? jbd2__journal_start+0xf6/0x6b0 [ 2882.609040] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2882.609076] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2882.609110] ? ext4_iomap_begin+0x5b8/0xe80 [ 2882.609152] ext4_iomap_begin+0xa62/0xe80 [ 2882.609208] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2882.609257] ? __create_object+0x59/0x80 [ 2882.609288] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2882.609327] iomap_iter+0x54a/0xdb0 [ 2882.609371] __iomap_dio_rw+0x6ac/0x1cf0 [ 2882.609425] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2882.609464] ? lock_release+0xc8/0x290 [ 2882.609492] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2882.609543] ? kasan_quarantine_put+0x84/0x1e0 [ 2882.609615] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2882.609643] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2882.609691] iomap_dio_rw+0x40/0xa0 [ 2882.609729] ext4_file_write_iter+0xe0b/0x1990 [ 2882.609780] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2882.609811] ? __kasan_kmalloc+0x7f/0x90 [ 2882.609835] ? trace_kmalloc+0x1f/0xb0 [ 2882.609857] ? __kmalloc_noprof+0x215/0x4b0 [ 2882.609889] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2882.609929] iter_file_splice_write+0x927/0x10c0 [ 2882.609983] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2882.610051] ? lock_is_held_type+0x9e/0x120 [ 2882.610074] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2882.610108] direct_splice_actor+0x192/0x7b0 [ 2882.610143] splice_direct_to_actor+0x347/0x9d0 [ 2882.610175] ? __pfx_direct_splice_actor+0x10/0x10 [ 2882.610214] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2882.610247] ? lock_acquire+0x15e/0x2f0 [ 2882.610280] do_splice_direct+0x179/0x250 [ 2882.610309] ? __pfx_do_splice_direct+0x10/0x10 [ 2882.610339] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2882.610374] ? security_file_permission+0x22/0x90 [ 2882.610423] do_sendfile+0xa8e/0xdc0 [ 2882.610469] ? __pfx_do_sendfile+0x10/0x10 [ 2882.610504] ? __fget_files+0x20d/0x3b0 [ 2882.610553] __x64_sys_sendfile64+0x1d3/0x210 [ 2882.610579] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2882.610620] do_syscall_64+0xbf/0x360 [ 2882.610650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2882.610675] RIP: 0033:0x7f85c6477b19 [ 2882.610695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2882.610719] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2882.610743] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2882.610760] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2882.610774] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2882.610790] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2882.610805] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2882.610847] [ 2882.698778] loop0: detected capacity change from 0 to 256 09:34:15 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2882.754548] loop6: detected capacity change from 0 to 256 [ 2882.770362] FAULT_INJECTION: forcing a failure. [ 2882.770362] name failslab, interval 1, probability 0, space 0, times 0 [ 2882.772211] CPU: 1 UID: 0 PID: 16845 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2882.772244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2882.772260] Call Trace: [ 2882.772269] [ 2882.772280] dump_stack_lvl+0xfa/0x120 [ 2882.772315] should_fail_ex+0x4d7/0x5e0 [ 2882.772363] ? ext4_find_extent+0x7f5/0xa00 [ 2882.772386] should_failslab+0xc2/0x120 [ 2882.772426] __kmalloc_noprof+0xb4/0x4b0 [ 2882.772470] ext4_find_extent+0x7f5/0xa00 [ 2882.772505] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2882.772552] ? unwind_next_frame+0x3bc/0x2540 [ 2882.772586] ? do_syscall_64+0xbf/0x360 [ 2882.772615] ? perf_trace_lock_acquire+0xc9/0x700 [ 2882.772644] ? perf_trace_lock_acquire+0xc9/0x700 [ 2882.772678] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2882.772724] ? lock_acquire+0x15e/0x2f0 [ 2882.772749] ? ext4_map_blocks+0x569/0x15a0 [ 2882.772798] ? down_write+0x119/0x1f0 [ 2882.772826] ? __pfx_down_write+0x10/0x10 [ 2882.772850] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2882.772900] ext4_map_blocks+0x630/0x15a0 [ 2882.772944] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2882.772973] ? lock_is_held_type+0x9e/0x120 [ 2882.773007] ? jbd2__journal_start+0xf6/0x6b0 [ 2882.773041] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2882.773075] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2882.773109] ? ext4_iomap_begin+0x5b8/0xe80 [ 2882.773151] ext4_iomap_begin+0xa62/0xe80 [ 2882.773205] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2882.773254] ? __create_object+0x59/0x80 [ 2882.773284] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2882.773322] iomap_iter+0x54a/0xdb0 [ 2882.773364] __iomap_dio_rw+0x6ac/0x1cf0 [ 2882.773417] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2882.773455] ? lock_release+0xc8/0x290 [ 2882.773482] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2882.773532] ? kasan_quarantine_put+0x84/0x1e0 [ 2882.773604] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2882.773632] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2882.773680] iomap_dio_rw+0x40/0xa0 [ 2882.773718] ext4_file_write_iter+0xe0b/0x1990 [ 2882.773769] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2882.773799] ? __kasan_kmalloc+0x7f/0x90 [ 2882.773824] ? trace_kmalloc+0x1f/0xb0 [ 2882.773846] ? __kmalloc_noprof+0x215/0x4b0 [ 2882.773878] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2882.773920] iter_file_splice_write+0x927/0x10c0 [ 2882.773974] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2882.774042] ? lock_is_held_type+0x9e/0x120 [ 2882.774065] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2882.774099] direct_splice_actor+0x192/0x7b0 [ 2882.774134] splice_direct_to_actor+0x347/0x9d0 [ 2882.774167] ? __pfx_direct_splice_actor+0x10/0x10 [ 2882.774206] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2882.774239] ? lock_acquire+0x15e/0x2f0 [ 2882.774272] do_splice_direct+0x179/0x250 [ 2882.774301] ? __pfx_do_splice_direct+0x10/0x10 [ 2882.774332] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2882.774367] ? security_file_permission+0x22/0x90 [ 2882.774413] do_sendfile+0xa8e/0xdc0 [ 2882.774457] ? __pfx_do_sendfile+0x10/0x10 [ 2882.774491] ? __fget_files+0x20d/0x3b0 [ 2882.774540] __x64_sys_sendfile64+0x1d3/0x210 [ 2882.774566] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2882.774607] do_syscall_64+0xbf/0x360 [ 2882.774636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2882.774662] RIP: 0033:0x7f7b6ab9db19 [ 2882.774682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2882.774705] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2882.774729] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2882.774746] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2882.774761] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2882.774776] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2882.774791] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2882.774832] [ 2882.779310] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2882.791975] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2882.865737] FAULT_INJECTION: forcing a failure. [ 2882.865737] name failslab, interval 1, probability 0, space 0, times 0 [ 2882.868049] CPU: 0 UID: 0 PID: 16847 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2882.868081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2882.868095] Call Trace: [ 2882.868103] [ 2882.868113] dump_stack_lvl+0xfa/0x120 [ 2882.868151] should_fail_ex+0x4d7/0x5e0 [ 2882.868193] ? jbd2__journal_start+0x193/0x6b0 [ 2882.868217] should_failslab+0xc2/0x120 [ 2882.868254] kmem_cache_alloc_noprof+0x5f/0x470 [ 2882.868285] ? lock_is_held_type+0x9e/0x120 [ 2882.868317] jbd2__journal_start+0x193/0x6b0 [ 2882.868348] __ext4_journal_start_sb+0x325/0x5d0 [ 2882.868382] ? ext4_iomap_begin+0x5b8/0xe80 [ 2882.868420] ext4_iomap_begin+0x5b8/0xe80 [ 2882.868471] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2882.868515] ? __create_object+0x59/0x80 [ 2882.868543] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2882.868578] iomap_iter+0x54a/0xdb0 [ 2882.868616] __iomap_dio_rw+0x6ac/0x1cf0 [ 2882.868665] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2882.868700] ? lock_release+0xc8/0x290 [ 2882.868726] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2882.868772] ? kasan_quarantine_put+0x84/0x1e0 [ 2882.868838] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2882.868870] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2882.868914] iomap_dio_rw+0x40/0xa0 [ 2882.868948] ext4_file_write_iter+0xe0b/0x1990 [ 2882.868995] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2882.869024] ? __kasan_kmalloc+0x7f/0x90 [ 2882.869046] ? trace_kmalloc+0x1f/0xb0 [ 2882.869066] ? __kmalloc_noprof+0x215/0x4b0 [ 2882.869095] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2882.869132] iter_file_splice_write+0x927/0x10c0 [ 2882.869182] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2882.869243] ? lock_is_held_type+0x9e/0x120 [ 2882.869265] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2882.869296] direct_splice_actor+0x192/0x7b0 [ 2882.869328] splice_direct_to_actor+0x347/0x9d0 [ 2882.869358] ? __pfx_direct_splice_actor+0x10/0x10 [ 2882.869394] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2882.869424] ? lock_acquire+0x15e/0x2f0 [ 2882.869454] do_splice_direct+0x179/0x250 [ 2882.869481] ? __pfx_do_splice_direct+0x10/0x10 [ 2882.869509] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2882.869541] ? security_file_permission+0x22/0x90 [ 2882.869574] do_sendfile+0xa8e/0xdc0 [ 2882.869614] ? __pfx_do_sendfile+0x10/0x10 [ 2882.869645] ? __fget_files+0x20d/0x3b0 [ 2882.869690] __x64_sys_sendfile64+0x1d3/0x210 [ 2882.869714] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2882.869751] do_syscall_64+0xbf/0x360 [ 2882.869779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2882.869803] RIP: 0033:0x7fe5d2196b19 [ 2882.869822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2882.869844] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2882.869867] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2882.869882] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2882.869896] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2882.869910] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2882.869924] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2882.869961] 09:34:15 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:34:15 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 60) 09:34:15 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) tee(r0, r2, 0x1, 0x1) ftruncate(r1, 0x0) 09:34:15 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x300, 0x1) 09:34:15 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 59) [ 2883.239416] loop2: detected capacity change from 0 to 288 [ 2883.261321] loop6: detected capacity change from 0 to 256 [ 2883.267196] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2883.279049] FAT-fs (loop2): bogus number of reserved sectors [ 2883.280113] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2883.326552] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2883.419718] FAULT_INJECTION: forcing a failure. [ 2883.419718] name failslab, interval 1, probability 0, space 0, times 0 [ 2883.421701] CPU: 0 UID: 0 PID: 16865 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2883.421733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2883.421746] Call Trace: [ 2883.421756] [ 2883.421766] dump_stack_lvl+0xfa/0x120 [ 2883.421798] should_fail_ex+0x4d7/0x5e0 [ 2883.421841] ? ext4_find_extent+0x7f5/0xa00 [ 2883.421869] should_failslab+0xc2/0x120 [ 2883.421907] __kmalloc_noprof+0xb4/0x4b0 [ 2883.421948] ext4_find_extent+0x7f5/0xa00 [ 2883.421981] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2883.422024] ? unwind_next_frame+0x3bc/0x2540 [ 2883.422056] ? do_syscall_64+0xbf/0x360 [ 2883.422083] ? perf_trace_lock_acquire+0xc9/0x700 [ 2883.422110] ? perf_trace_lock_acquire+0xc9/0x700 [ 2883.422143] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2883.422185] ? lock_acquire+0x15e/0x2f0 [ 2883.422208] ? ext4_map_blocks+0x569/0x15a0 [ 2883.422254] ? down_write+0x119/0x1f0 [ 2883.422279] ? __pfx_down_write+0x10/0x10 [ 2883.422302] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2883.422341] ext4_map_blocks+0x630/0x15a0 [ 2883.422382] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2883.422422] ? lock_is_held_type+0x9e/0x120 [ 2883.422452] ? jbd2__journal_start+0xf6/0x6b0 [ 2883.422484] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2883.422516] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2883.422548] ? ext4_iomap_begin+0x5b8/0xe80 [ 2883.422587] ext4_iomap_begin+0xa62/0xe80 [ 2883.422638] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2883.422683] ? __create_object+0x59/0x80 [ 2883.422712] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2883.422747] iomap_iter+0x54a/0xdb0 [ 2883.422787] __iomap_dio_rw+0x6ac/0x1cf0 [ 2883.422836] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2883.422872] ? lock_release+0xc8/0x290 [ 2883.422897] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2883.422944] ? kasan_quarantine_put+0x84/0x1e0 [ 2883.423011] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2883.423037] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2883.423082] iomap_dio_rw+0x40/0xa0 [ 2883.423117] ext4_file_write_iter+0xe0b/0x1990 [ 2883.423165] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2883.423193] ? __kasan_kmalloc+0x7f/0x90 [ 2883.423217] ? trace_kmalloc+0x1f/0xb0 [ 2883.423237] ? __kmalloc_noprof+0x215/0x4b0 [ 2883.423266] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2883.423305] iter_file_splice_write+0x927/0x10c0 [ 2883.423361] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2883.423425] ? lock_is_held_type+0x9e/0x120 [ 2883.423446] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2883.423478] direct_splice_actor+0x192/0x7b0 [ 2883.423511] splice_direct_to_actor+0x347/0x9d0 [ 2883.423541] ? __pfx_direct_splice_actor+0x10/0x10 [ 2883.423578] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2883.423609] ? lock_acquire+0x15e/0x2f0 [ 2883.423640] do_splice_direct+0x179/0x250 [ 2883.423667] ? __pfx_do_splice_direct+0x10/0x10 [ 2883.423696] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2883.423728] ? security_file_permission+0x22/0x90 [ 2883.423761] do_sendfile+0xa8e/0xdc0 [ 2883.423802] ? __pfx_do_sendfile+0x10/0x10 [ 2883.423837] ? perf_trace_preemptirq_template+0x259/0x430 [ 2883.423881] __x64_sys_sendfile64+0x1d3/0x210 [ 2883.423906] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2883.423944] do_syscall_64+0xbf/0x360 [ 2883.423972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2883.423998] RIP: 0033:0x7f7b6ab9db19 [ 2883.424019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2883.424041] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2883.424064] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2883.424079] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2883.424093] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2883.424107] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2883.424120] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2883.424159] 09:34:27 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 56) 09:34:27 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 61) 09:34:27 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 60) 09:34:27 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80064) 09:34:27 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x239, 0x1) 09:34:27 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x408, 0x1) 09:34:27 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:34:27 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x2, r2, 0x6}) ftruncate(r1, 0x0) [ 2895.268333] loop6: detected capacity change from 0 to 256 [ 2895.270477] loop2: detected capacity change from 0 to 288 [ 2895.280468] loop0: detected capacity change from 0 to 256 [ 2895.289951] FAT-fs (loop2): bogus number of reserved sectors [ 2895.290849] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2895.298212] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2895.314196] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2895.321742] FAULT_INJECTION: forcing a failure. [ 2895.321742] name failslab, interval 1, probability 0, space 0, times 0 [ 2895.323613] CPU: 1 UID: 0 PID: 16887 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2895.323644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2895.323659] Call Trace: [ 2895.323668] [ 2895.323678] dump_stack_lvl+0xfa/0x120 [ 2895.323712] should_fail_ex+0x4d7/0x5e0 [ 2895.323758] ? jbd2__journal_start+0x193/0x6b0 [ 2895.323783] should_failslab+0xc2/0x120 [ 2895.323820] kmem_cache_alloc_noprof+0x5f/0x470 [ 2895.323852] ? lock_is_held_type+0x9e/0x120 [ 2895.323891] jbd2__journal_start+0x193/0x6b0 [ 2895.323922] __ext4_journal_start_sb+0x325/0x5d0 [ 2895.323957] ? ext4_iomap_begin+0x5b8/0xe80 [ 2895.323996] ext4_iomap_begin+0x5b8/0xe80 [ 2895.324047] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2895.324092] ? __create_object+0x59/0x80 [ 2895.324120] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2895.324155] iomap_iter+0x54a/0xdb0 [ 2895.324195] __iomap_dio_rw+0x6ac/0x1cf0 [ 2895.324244] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2895.324279] ? lock_release+0xc8/0x290 [ 2895.324305] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2895.324352] ? kasan_quarantine_put+0x84/0x1e0 [ 2895.324418] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2895.324444] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2895.324489] iomap_dio_rw+0x40/0xa0 [ 2895.324524] ext4_file_write_iter+0xe0b/0x1990 [ 2895.324571] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2895.324600] ? __kasan_kmalloc+0x7f/0x90 [ 2895.324623] ? trace_kmalloc+0x1f/0xb0 [ 2895.324643] ? __kmalloc_noprof+0x215/0x4b0 [ 2895.324673] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2895.324711] iter_file_splice_write+0x927/0x10c0 [ 2895.324761] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2895.324823] ? lock_is_held_type+0x9e/0x120 [ 2895.324845] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2895.324876] direct_splice_actor+0x192/0x7b0 [ 2895.324908] splice_direct_to_actor+0x347/0x9d0 [ 2895.324939] ? __pfx_direct_splice_actor+0x10/0x10 [ 2895.324975] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2895.325006] ? lock_acquire+0x15e/0x2f0 [ 2895.325036] do_splice_direct+0x179/0x250 [ 2895.325063] ? __pfx_do_splice_direct+0x10/0x10 [ 2895.325091] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2895.325123] ? security_file_permission+0x22/0x90 [ 2895.325156] do_sendfile+0xa8e/0xdc0 [ 2895.325197] ? __pfx_do_sendfile+0x10/0x10 [ 2895.325228] ? __fget_files+0x20d/0x3b0 [ 2895.325273] __x64_sys_sendfile64+0x1d3/0x210 [ 2895.325298] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2895.325335] do_syscall_64+0xbf/0x360 [ 2895.325364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2895.325388] RIP: 0033:0x7fe5d2196b19 [ 2895.325406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2895.325429] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2895.325451] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2895.325467] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2895.325480] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2895.325494] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2895.325508] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2895.325546] [ 2895.449992] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2895.512847] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:41 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x300, 0x1) 09:34:41 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:34:41 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 61) 09:34:41 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 62) 09:34:41 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x480, 0x1) 09:34:41 executing program 1: ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0x1, 0x2, 0x17d, &(0x7f0000000400)="52d78f4856fb4c060230b31cd2d81800e1d4f7ce6f53ad4650876e53635cffcebb7a138e2f37250e98effd607ea1114cbf5a0a41048ef64c1eccf511973fbc6569ea22e9f4bc56ea7165d927d618f0d26eb490f4dfa42dc6c1de69eade42eae5d3fca6a6b779540fc509aac22080ed911e1236765297fb958fd824a2df7533d56b01d481afe651ee95ba971868ee02a6114e2c18b87ec46cc17f26f4db4b03c4747f69fe16c4495ce3ab2b09b3eed4384cf521b5c83907e62402817f3d7efaddcc066410c33d7fdb9a8b89e36309500f5783f6a4c9845618d090da2b70daf2eec82288a811f85203702ae8aca70e1cd157d23143a3d2206e11edc690e8523cbec1703af736a242e94e9ceed4602e5a7ce77b3b5d6c0ee958907487a882d78791560dfa2e3e8644a309e33aee8888de6a52853eb419f77ef304db788afcd8dd01439d875a66485d7a1a9fead9f9aaca8e9fc93eede9d6d8d5a623701a5f14fcefd90838bcbe7eddaae79742dbb4d6869bb37ac3ebb25e1b1304d17e72fb27d7b2477bff27f167e519fab0b4460a3072f6c26722f71fc797b7f27b0aaee6c17103509e1450ab47fb96975bedf0fe6458e5a60a26f20bb1077684adcc1e9c5ef0bc3035ccc5880f835993bf9c552bcf50d392badfdb51c83ca1591a0bcdc00b842241eafa3584d0235e14707819568cd8eca6a6b4183521c586da0c5d96eac442ae7d19a8101b270bc8b294a1ac2eded25cfd9c1b3afcb7932afbd15455d42f42bf874c622d11ebc824eb2a5cc8d4ff00cbe642143534a7b8dd79fc3be18d4e8789ba4e8fdce65c17abebf5115626e8b6f7d6c8e72b710684f56e5f793f8902131c652e1295e935dddb065a3f43f27715ddc3d1d7a80f6bc42e3255eaa537b4a44215c609f323d76cb3030232fc130d73960c51bd04b5e8b403e5efc24c85c795dbe1e45017b475b1091ccba2e0c6d793e0b7e192f3f5d90ebc750045cc33e9492ce24db1de6b5fc0cc7f2e6fec9f89ef0ecf67ab1e5d84a41332b8627bca5fa4bbd4663b8fc2a3b6d15bf03273bbc3b195706d03b2b4493de5dd3a6553645a514c6b0fa5cadc7f7ea93206161084bffc8fa49fcf704a230e2fcb3313de2a29bb9e6361adde787b922db585b4b85f253e99427ef02cb2680399b4c656cca3c6eec8ee6fea262e86ab290861a8e2f0a91fdf5ceb9133ae06cb2899b185f9a963a7776711bf1dceb4f0d2915d34da6de37ffa97a08c7fa3d38d6e4f8d02c21a7a096bebbd00152e540ecd116d44732e161ef6c7537a22eba2ca718e7b8d2ed5f00eb73494ac234c1262cea3cfc9bbf74f5535a51fd23aed8c4b582c8de602f5c3c76de9f09d5071d284f654b7dcfaa2b984fca6a539633c8773c59efea16b14763c378ace8e9d86429d9fc3e6fe6cac3c556723f75e5b56595aa84d669e19352dc701"}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) 09:34:41 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8006f) 09:34:41 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 57) [ 2909.357084] loop6: detected capacity change from 0 to 256 [ 2909.361262] loop0: detected capacity change from 0 to 256 [ 2909.371264] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2909.412496] loop2: detected capacity change from 0 to 288 [ 2909.420098] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:41 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x500, 0x1) [ 2909.432137] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2909.441099] FAT-fs (loop2): bogus number of reserved sectors [ 2909.442220] FAT-fs (loop2): Can't find a valid FAT filesystem 09:34:41 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 58) 09:34:42 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2909.627510] loop6: detected capacity change from 0 to 256 [ 2909.638384] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:42 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x408, 0x1) 09:34:42 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x13) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000072c0)=ANY=[@ANYBLOB="010000000100000018000000c1006fe4d0d544f38db2082c8d5b13ce334f5cb624834dcbca290e197e13ee3061efdf2775bd1a8623a7e94391bf1a23546b5daa4c02000000000000000230ad674a3a57597aa45fffb8e94da06583f3dea01f4de76762333c3336901935f2d285dc9534f95346db87f3fe1f5529a228a1089b0c5cad180adb70ba9a60cac5573dc63b6488051608c169ef1784a39852c168bfb724be89765bafe8cc3b3346888dd9e1f7049c964e18d366a60ac85bdf9bad60052ef64c6c914a918ae60d4fee7637c156031cbf9522ca275cbc1514f51e91", @ANYRES32=r0, @ANYBLOB="36c70000000000002e2f66696c653000d76f5b1b03407daca20be28c9057f9c048a96441d829ad6268dc5b5a51da7dde11b701f44320657a7fa9583b678b3215dfc405edb7c3c9c23880f2a4eaa697c40598ad2247ba337d9d89f74a3dda5559d7a2e63a0e24c378526089102c04fe850cf6645f7c14843b2e20bc8fc10fd235d009c5e2a27564c26c23644d0464bead5d2ddead9b190ae634ce70aec137b84e3a0f7af5d3b5c160e123db65c6d93191322ed6644c74bfc48b1003892da047d23be38c36766a100aacc2f1a6daf2af07deed1b1b9e1918cbeff3d9950524f65fe98f5d58cea67576c5d0751f8f48b6881b83f395656c761332b551192169044b61e94c0529d87a8e04fe"]) mount_setattr(r1, &(0x7f0000000000)='./file0\x00', 0x8000, &(0x7f0000000100)={0x8, 0x2, 0xa0000, {r3}}, 0x20) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r4, r5, 0x0, 0x80000) recvmmsg(r5, &(0x7f0000007080)=[{{&(0x7f0000000280)=@un=@abs, 0x80, &(0x7f0000000140)=[{&(0x7f0000000300)=""/115, 0x73}, {&(0x7f0000000400)=""/80, 0x50}, {&(0x7f0000000480)=""/187, 0xbb}], 0x3}, 0x4}, {{&(0x7f0000000540)=@rc, 0x80, &(0x7f0000001780)=[{&(0x7f0000000380)=""/18, 0x12}, {&(0x7f00000005c0)=""/67, 0x43}, {&(0x7f0000000640)=""/128, 0x80}, {&(0x7f00000006c0)=""/144, 0x90}, {&(0x7f0000000780)=""/4096, 0x1000}], 0x5, &(0x7f0000001800)=""/155, 0x9b}, 0x5}, {{&(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000003e40)=[{&(0x7f0000001940)=""/213, 0xd5}, {&(0x7f0000001a40)=""/4096, 0x1000}, {&(0x7f0000002a40)=""/9, 0x9}, {&(0x7f0000002a80)=""/4096, 0x1000}, {&(0x7f0000003a80)=""/249, 0xf9}, {&(0x7f0000003b80)=""/9, 0x9}, {&(0x7f0000003bc0)=""/115, 0x73}, {&(0x7f0000003c40)=""/238, 0xee}, {&(0x7f0000003d40)=""/226, 0xe2}], 0x9}, 0x9}, {{&(0x7f0000003f00)=@nfc_llcp, 0x80, &(0x7f0000005080)=[{&(0x7f0000003f80)=""/117, 0x75}, {&(0x7f0000004000)=""/31, 0x1f}, {&(0x7f0000004040)=""/4096, 0x1000}, {&(0x7f0000005040)=""/22, 0x16}], 0x4, &(0x7f00000050c0)=""/163, 0xa3}, 0x10001}, {{&(0x7f0000005180)=@nfc_llcp, 0x80, &(0x7f0000005300)=[{&(0x7f0000005200)=""/242, 0xf2}], 0x1, &(0x7f0000005340)=""/176, 0xb0}, 0x2}, {{&(0x7f0000005400)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @loopback}}}, 0x80, &(0x7f0000006880)=[{&(0x7f0000005480)=""/237, 0xed}, {&(0x7f0000005580)=""/50, 0x32}, {&(0x7f00000055c0)=""/217, 0xd9}, {&(0x7f00000056c0)=""/137, 0x89}, {&(0x7f0000005780)=""/15, 0xf}, {&(0x7f00000057c0)=""/4096, 0x1000}, {&(0x7f00000067c0)=""/182, 0xb6}], 0x7, &(0x7f0000006900)=""/210, 0xd2}, 0xffffffff}, {{&(0x7f0000006a00)=@alg, 0x80, &(0x7f0000006b40)=[{&(0x7f0000006a80)=""/28, 0x1c}, {&(0x7f0000006ac0)=""/119, 0x77}], 0x2, &(0x7f0000006b80)=""/225, 0xe1}, 0x21}, {{0x0, 0x0, &(0x7f0000006f40)=[{&(0x7f0000006c80)=""/180, 0xb4}, {&(0x7f0000006d40)=""/203, 0xcb}, {&(0x7f0000006e40)=""/114, 0x72}, {&(0x7f0000006ec0)=""/102, 0x66}], 0x4, &(0x7f0000006f80)=""/208, 0xd0}, 0x7}], 0x8, 0x2102, &(0x7f0000007280)={0x77359400}) r6 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r6, 0x0) 09:34:42 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 59) [ 2909.689398] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2909.712924] loop0: detected capacity change from 0 to 256 [ 2909.725314] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2909.739946] FAULT_INJECTION: forcing a failure. [ 2909.739946] name failslab, interval 1, probability 0, space 0, times 0 [ 2909.740818] CPU: 0 UID: 0 PID: 16928 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2909.740834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2909.740842] Call Trace: [ 2909.740847] [ 2909.740853] dump_stack_lvl+0xfa/0x120 [ 2909.740874] should_fail_ex+0x4d7/0x5e0 [ 2909.740897] ? ext4_mb_new_blocks+0x64e/0x4570 [ 2909.740914] should_failslab+0xc2/0x120 [ 2909.740934] kmem_cache_alloc_noprof+0x5f/0x470 [ 2909.740951] ? ext4_dirty_inode+0xf1/0x130 [ 2909.740970] ? __mark_inode_dirty+0x254/0xd00 [ 2909.740993] ext4_mb_new_blocks+0x64e/0x4570 [ 2909.741018] ? kasan_save_track+0x14/0x30 [ 2909.741030] ? __kasan_kmalloc+0x7f/0x90 [ 2909.741046] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 2909.741064] ? ext4_ext_search_right+0x2e8/0xbd0 [ 2909.741090] ext4_ext_map_blocks+0x1c55/0x5f30 [ 2909.741114] ? unwind_next_frame+0x3bc/0x2540 [ 2909.741131] ? do_syscall_64+0xbf/0x360 [ 2909.741146] ? perf_trace_lock_acquire+0xc9/0x700 [ 2909.741161] ? perf_trace_lock_acquire+0xc9/0x700 [ 2909.741178] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2909.741201] ? lock_acquire+0x15e/0x2f0 [ 2909.741214] ? ext4_map_blocks+0x569/0x15a0 [ 2909.741240] ? __pfx_down_write+0x10/0x10 [ 2909.741253] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2909.741273] ext4_map_blocks+0x630/0x15a0 [ 2909.741295] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2909.741310] ? lock_is_held_type+0x9e/0x120 [ 2909.741326] ? jbd2__journal_start+0xf6/0x6b0 [ 2909.741343] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2909.741360] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2909.741377] ? ext4_iomap_begin+0x5b8/0xe80 [ 2909.741398] ext4_iomap_begin+0xa62/0xe80 [ 2909.741425] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2909.741449] ? __create_object+0x59/0x80 [ 2909.741464] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2909.741483] iomap_iter+0x54a/0xdb0 [ 2909.741504] __iomap_dio_rw+0x6ac/0x1cf0 [ 2909.741530] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2909.741549] ? lock_release+0xc8/0x290 [ 2909.741562] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2909.741587] ? kasan_quarantine_put+0x84/0x1e0 [ 2909.741623] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2909.741637] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2909.741661] iomap_dio_rw+0x40/0xa0 [ 2909.741680] ext4_file_write_iter+0xe0b/0x1990 [ 2909.741705] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2909.741721] ? __kasan_kmalloc+0x7f/0x90 [ 2909.741733] ? trace_kmalloc+0x1f/0xb0 [ 2909.741744] ? __kmalloc_noprof+0x215/0x4b0 [ 2909.741759] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2909.741779] iter_file_splice_write+0x927/0x10c0 [ 2909.741806] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2909.741840] ? lock_is_held_type+0x9e/0x120 [ 2909.741852] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2909.741868] direct_splice_actor+0x192/0x7b0 [ 2909.741886] splice_direct_to_actor+0x347/0x9d0 [ 2909.741902] ? __pfx_direct_splice_actor+0x10/0x10 [ 2909.741921] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2909.741938] ? lock_acquire+0x15e/0x2f0 [ 2909.741954] do_splice_direct+0x179/0x250 [ 2909.741969] ? __pfx_do_splice_direct+0x10/0x10 [ 2909.741984] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2909.742001] ? security_file_permission+0x22/0x90 [ 2909.742019] do_sendfile+0xa8e/0xdc0 [ 2909.742041] ? __pfx_do_sendfile+0x10/0x10 [ 2909.742058] ? __fget_files+0x20d/0x3b0 [ 2909.742082] __x64_sys_sendfile64+0x1d3/0x210 [ 2909.742095] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2909.742115] do_syscall_64+0xbf/0x360 [ 2909.742130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2909.742143] RIP: 0033:0x7fe5d2196b19 [ 2909.742153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2909.742164] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2909.742176] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2909.742185] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2909.742192] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2909.742200] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2909.742207] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2909.742228] [ 2909.815056] loop2: detected capacity change from 0 to 288 09:34:42 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 63) 09:34:42 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80070) 09:34:42 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 62) 09:34:42 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x480, 0x1) [ 2909.832339] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x600, 0x1) [ 2909.834056] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2909.850932] FAT-fs (loop2): bogus number of reserved sectors [ 2909.851899] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2909.897719] FAULT_INJECTION: forcing a failure. [ 2909.897719] name failslab, interval 1, probability 0, space 0, times 0 [ 2909.898750] CPU: 0 UID: 0 PID: 16937 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2909.898768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2909.898777] Call Trace: [ 2909.898782] [ 2909.898788] dump_stack_lvl+0xfa/0x120 [ 2909.898809] should_fail_ex+0x4d7/0x5e0 [ 2909.898836] ? __es_insert_extent+0xed2/0x1370 [ 2909.898851] should_failslab+0xc2/0x120 [ 2909.898879] kmem_cache_alloc_noprof+0x5f/0x470 [ 2909.898898] ? __pfx___es_remove_extent+0x10/0x10 [ 2909.898912] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2909.898932] __es_insert_extent+0xed2/0x1370 [ 2909.898957] ext4_es_insert_extent+0x4d0/0x1100 [ 2909.898980] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2909.898996] ? percpu_counter_add_batch+0x126/0x240 [ 2909.899017] ? find_held_lock+0x2b/0x80 [ 2909.899037] ? lock_release+0xc8/0x290 [ 2909.899052] ? do_raw_read_unlock+0x44/0xe0 [ 2909.899069] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2909.899090] ext4_map_blocks+0x815/0x15a0 [ 2909.899114] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2909.899128] ? lock_is_held_type+0x9e/0x120 [ 2909.899146] ? jbd2__journal_start+0xf6/0x6b0 [ 2909.899165] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2909.899183] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2909.899200] ? ext4_iomap_begin+0x5b8/0xe80 [ 2909.899221] ext4_iomap_begin+0xa62/0xe80 [ 2909.899248] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2909.899272] ? __create_object+0x59/0x80 [ 2909.899289] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2909.899308] iomap_iter+0x54a/0xdb0 [ 2909.899330] __iomap_dio_rw+0x6ac/0x1cf0 [ 2909.899357] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2909.899378] ? lock_release+0xc8/0x290 [ 2909.899391] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2909.899417] ? kasan_quarantine_put+0x84/0x1e0 [ 2909.899453] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2909.899467] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2909.899492] iomap_dio_rw+0x40/0xa0 [ 2909.899511] ext4_file_write_iter+0xe0b/0x1990 [ 2909.899537] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2909.899552] ? __kasan_kmalloc+0x7f/0x90 [ 2909.899565] ? trace_kmalloc+0x1f/0xb0 [ 2909.899576] ? __kmalloc_noprof+0x215/0x4b0 [ 2909.899592] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2909.899614] iter_file_splice_write+0x927/0x10c0 [ 2909.899641] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2909.899675] ? lock_is_held_type+0x9e/0x120 [ 2909.899687] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2909.899704] direct_splice_actor+0x192/0x7b0 [ 2909.899721] splice_direct_to_actor+0x347/0x9d0 [ 2909.899738] ? __pfx_direct_splice_actor+0x10/0x10 [ 2909.899757] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2909.899775] ? lock_acquire+0x15e/0x2f0 [ 2909.899791] do_splice_direct+0x179/0x250 [ 2909.899806] ? __pfx_do_splice_direct+0x10/0x10 [ 2909.899821] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2909.899839] ? security_file_permission+0x22/0x90 [ 2909.899857] do_sendfile+0xa8e/0xdc0 [ 2909.899880] ? __pfx_do_sendfile+0x10/0x10 [ 2909.899899] ? perf_trace_preemptirq_template+0x259/0x430 [ 2909.899923] __x64_sys_sendfile64+0x1d3/0x210 [ 2909.899937] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2909.899957] do_syscall_64+0xbf/0x360 [ 2909.899973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2909.899987] RIP: 0033:0x7f7b6ab9db19 [ 2909.899998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2909.900011] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2909.900023] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2909.900032] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2909.900040] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2909.900048] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2909.900056] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2909.900076] [ 2909.946695] loop0: detected capacity change from 0 to 256 09:34:42 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 60) 09:34:42 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2909.969481] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2909.999798] loop6: detected capacity change from 0 to 256 [ 2910.039249] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:42 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x500, 0x1) [ 2910.063450] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2910.090132] loop2: detected capacity change from 0 to 288 09:34:42 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000) open_by_handle_at(r1, &(0x7f0000000000)=@ocfs2_parent={0x18, 0x2, {{0x5, 0x8, 0x2}, {0x2, 0x6c5, 0x15}}}, 0x101000) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r2, 0x0) [ 2910.119358] FAT-fs (loop2): bogus number of reserved sectors [ 2910.120282] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2910.176520] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2910.243534] loop0: detected capacity change from 0 to 256 [ 2910.271025] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2910.318749] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:53 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 64) 09:34:53 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x600, 0x1) 09:34:53 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 63) 09:34:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x700, 0x1) 09:34:53 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800", 0x17}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:34:53 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 61) 09:34:53 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8007e) 09:34:53 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000000)={0x1}) r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r4, 0x0) [ 2920.882138] loop2: detected capacity change from 0 to 288 [ 2920.897734] FAULT_INJECTION: forcing a failure. [ 2920.897734] name failslab, interval 1, probability 0, space 0, times 0 [ 2920.898778] FAT-fs (loop2): bogus number of FAT sectors [ 2920.899793] CPU: 1 UID: 0 PID: 16964 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2920.899830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2920.899847] Call Trace: [ 2920.899857] [ 2920.899877] dump_stack_lvl+0xfa/0x120 [ 2920.899914] should_fail_ex+0x4d7/0x5e0 [ 2920.899965] ? __es_insert_extent+0xed2/0x1370 [ 2920.899996] should_failslab+0xc2/0x120 [ 2920.900040] kmem_cache_alloc_noprof+0x5f/0x470 [ 2920.900079] ? __pfx___es_remove_extent+0x10/0x10 [ 2920.900109] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2920.900152] __es_insert_extent+0xed2/0x1370 [ 2920.900208] ext4_es_insert_extent+0x4d0/0x1100 [ 2920.900258] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2920.900296] ? percpu_counter_add_batch+0x126/0x240 [ 2920.900342] ? find_held_lock+0x2b/0x80 [ 2920.900384] ? lock_release+0xc8/0x290 [ 2920.900417] ? do_raw_read_unlock+0x44/0xe0 [ 2920.900454] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2920.900501] ext4_map_blocks+0x815/0x15a0 [ 2920.900551] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2920.900583] ? lock_is_held_type+0x9e/0x120 [ 2920.900620] ? jbd2__journal_start+0xf6/0x6b0 [ 2920.900657] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2920.900696] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2920.900733] ? ext4_iomap_begin+0x5b8/0xe80 [ 2920.900780] ext4_iomap_begin+0xa62/0xe80 [ 2920.900840] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2920.900894] ? __create_object+0x59/0x80 [ 2920.900927] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2920.900969] iomap_iter+0x54a/0xdb0 [ 2920.901016] __iomap_dio_rw+0x6ac/0x1cf0 [ 2920.901075] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2920.901117] ? lock_release+0xc8/0x290 [ 2920.901146] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2920.901202] ? kasan_quarantine_put+0x84/0x1e0 [ 2920.901284] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2920.901315] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2920.901368] iomap_dio_rw+0x40/0xa0 [ 2920.901410] ext4_file_write_iter+0xe0b/0x1990 [ 2920.901467] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2920.901501] ? __kasan_kmalloc+0x7f/0x90 [ 2920.901527] ? trace_kmalloc+0x1f/0xb0 [ 2920.901552] ? __kmalloc_noprof+0x215/0x4b0 [ 2920.901587] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2920.901632] iter_file_splice_write+0x927/0x10c0 [ 2920.901693] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2920.901769] ? lock_is_held_type+0x9e/0x120 [ 2920.901795] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2920.901832] direct_splice_actor+0x192/0x7b0 [ 2920.901872] splice_direct_to_actor+0x347/0x9d0 [ 2920.901907] ? __pfx_direct_splice_actor+0x10/0x10 [ 2920.901950] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2920.901988] ? lock_acquire+0x15e/0x2f0 [ 2920.902025] do_splice_direct+0x179/0x250 [ 2920.902058] ? __pfx_do_splice_direct+0x10/0x10 [ 2920.902092] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2920.902131] ? security_file_permission+0x22/0x90 [ 2920.902170] do_sendfile+0xa8e/0xdc0 [ 2920.902219] ? __pfx_do_sendfile+0x10/0x10 [ 2920.902256] ? __fget_files+0x20d/0x3b0 [ 2920.902310] __x64_sys_sendfile64+0x1d3/0x210 [ 2920.902340] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2920.902385] do_syscall_64+0xbf/0x360 [ 2920.902419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2920.902448] RIP: 0033:0x7fe5d2196b19 [ 2920.902469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2920.902496] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2920.902523] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2920.902542] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2920.902558] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2920.902575] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2920.902592] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2920.902638] [ 2920.932670] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2920.938360] loop0: detected capacity change from 0 to 256 [ 2920.949687] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2920.950512] loop6: detected capacity change from 0 to 256 09:34:53 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x700, 0x1) [ 2920.982292] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2921.029523] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:53 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800", 0x17}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:34:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x804, 0x1) [ 2921.132371] loop6: detected capacity change from 0 to 256 [ 2921.145569] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2921.181083] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x900, 0x1) [ 2921.230716] loop0: detected capacity change from 0 to 256 09:34:53 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 65) [ 2921.279529] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:34:53 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 64) 09:34:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xd00, 0x1) 09:34:53 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 62) [ 2921.380820] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2921.430758] FAULT_INJECTION: forcing a failure. [ 2921.430758] name failslab, interval 1, probability 0, space 0, times 0 [ 2921.432448] CPU: 1 UID: 0 PID: 17002 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2921.432481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2921.432495] Call Trace: [ 2921.432505] [ 2921.432515] dump_stack_lvl+0xfa/0x120 [ 2921.432550] should_fail_ex+0x4d7/0x5e0 [ 2921.432596] ? __es_insert_extent+0xed2/0x1370 [ 2921.432625] should_failslab+0xc2/0x120 [ 2921.432665] kmem_cache_alloc_noprof+0x5f/0x470 [ 2921.432700] ? __pfx___es_remove_extent+0x10/0x10 [ 2921.432727] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 2921.432765] __es_insert_extent+0xed2/0x1370 [ 2921.432814] ext4_es_insert_extent+0x4d0/0x1100 [ 2921.432869] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 2921.432903] ? percpu_counter_add_batch+0x126/0x240 [ 2921.432944] ? find_held_lock+0x2b/0x80 [ 2921.432982] ? lock_release+0xc8/0x290 [ 2921.433011] ? do_raw_read_unlock+0x44/0xe0 [ 2921.433045] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2921.433086] ext4_map_blocks+0x815/0x15a0 [ 2921.433130] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2921.433159] ? lock_is_held_type+0x9e/0x120 [ 2921.433192] ? jbd2__journal_start+0xf6/0x6b0 [ 2921.433226] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2921.433260] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2921.433294] ? ext4_iomap_begin+0x5b8/0xe80 [ 2921.433336] ext4_iomap_begin+0xa62/0xe80 [ 2921.433390] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2921.433438] ? __create_object+0x59/0x80 [ 2921.433468] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 2921.433506] iomap_iter+0x54a/0xdb0 [ 2921.433547] __iomap_dio_rw+0x6ac/0x1cf0 [ 2921.433599] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2921.433637] ? lock_release+0xc8/0x290 [ 2921.433667] ? __pfx___iomap_dio_rw+0x10/0x10 [ 2921.433718] ? kasan_quarantine_put+0x84/0x1e0 [ 2921.433789] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 2921.433817] ? __pfx_ext4_orphan_add+0x10/0x10 [ 2921.433864] iomap_dio_rw+0x40/0xa0 [ 2921.433902] ext4_file_write_iter+0xe0b/0x1990 [ 2921.433952] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2921.433983] ? __kasan_kmalloc+0x7f/0x90 [ 2921.434007] ? trace_kmalloc+0x1f/0xb0 [ 2921.434029] ? __kmalloc_noprof+0x215/0x4b0 [ 2921.434061] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2921.434102] iter_file_splice_write+0x927/0x10c0 [ 2921.434154] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2921.434221] ? lock_is_held_type+0x9e/0x120 [ 2921.434244] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2921.434278] direct_splice_actor+0x192/0x7b0 [ 2921.434312] splice_direct_to_actor+0x347/0x9d0 [ 2921.434344] ? __pfx_direct_splice_actor+0x10/0x10 [ 2921.434383] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2921.434416] ? lock_acquire+0x15e/0x2f0 [ 2921.434449] do_splice_direct+0x179/0x250 [ 2921.434478] ? __pfx_do_splice_direct+0x10/0x10 [ 2921.434509] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2921.434543] ? security_file_permission+0x22/0x90 [ 2921.434579] do_sendfile+0xa8e/0xdc0 [ 2921.434622] ? __pfx_do_sendfile+0x10/0x10 [ 2921.434674] __x64_sys_sendfile64+0x1d3/0x210 [ 2921.434700] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2921.434740] do_syscall_64+0xbf/0x360 [ 2921.434770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2921.434796] RIP: 0033:0x7fe5d2196b19 [ 2921.434816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2921.434840] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2921.434864] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2921.434881] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2921.434908] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2921.434923] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2921.434939] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2921.434978] 09:35:03 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 63) 09:35:03 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 66) 09:35:03 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x804, 0x1) 09:35:03 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000000)={r2, 0x0, r0, 0x6d}) ftruncate(r1, 0x0) r3 = openat$cgroup_ro(r1, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x90000300}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)={0x42c, 0x1c, 0x10, 0x70bd28, 0x25dfdbfd, {0x1d}, [@generic="c10e7241dbdcf119cb7240d4010685929ef1e628157f4581c9312e7f9dedbefcc7cbab1d8d", @typed={0x4, 0x1b}, @nested={0x341, 0x8c, 0x0, 0x1, [@generic="3738e76a1b47f1f7016d16b73fbfedb85ac7146a8eca49c81d826615f49c731b2a6beab69c0de3444de301ef6a45bfae1a11482b70b14eb5fe7dbefc0754cd8993da67a8a2b5a5a6c03a546ae043b519dbf7298b690a44881431fdba6ef1ca42b0b1b2bbe0f95882cb16c7bbe2a639d14847fe249129b3f46d0aa590cf065d9449967aa40d4e0ad5705967857c19c479d34fe06a234324579df6c23b52e1f7afb5385116ddd02c37dbd7fe18726a27bb67f18a3ee4bc87efe073406ffffc783314ff09cf7423ae5d8e849df6b2e7ca1f1ea13acf3aef219d", @generic="bcf75d742a9a8bf616ba1a02ca405e9a1c8122557ea24409b4e143315b4b2b0e21de17e5288459e4f0181d3f74bfee8ff7b753e94da0fae12ccadfe6498a0c394f86569f55161e7ed85c9a7b6de57f19892bcd8e0249cb8f8807eeaaf887b8b86e4851d4d4133c435447719e4d0f7afc0345de634285a468c68d96c89640a1480a3ebdd31fc01148475c38", @generic="f0310c3911a135456b118b7c90f22e3a11298eb4a372ad79a7a0ea518b2d00f131bbda172f732fe217ff5b66d99d5d419c1614", @generic="4c36891c91671153be76310b6b337bc016ca9cec5c5ec108d935979abb0a5016a9c37057d9f79141113e4881bdd8412e97b82673d24f863c2bf89aa9cb9ebdf6cc4a6f25137dbcf82e4a159a3a62bca59e7445081cb7f279ccb6b0a47d3620ce56eb08715982ae093db61f3db8facc500421f872f6b4cbd10c1d6c992d9838947e736108546da6bcd762567f7923885d25e8b4106501711a", @generic="b14708c9bb4cff10963aa69434beba5e87a91a65cb89c3a516e13d4f8665040b941af0cbb69a7a6c0e840d7f8eca03565887ca2b762ee7d47cd711a601ebd5990626a9ac2dcba03022ae9860d43f123b0093d373528dbfc1d2119b9f402b7db02dc22fe4b9070949bfa1100b805e989606f7579fe074435f14859cac9967f073ec795cfdbd70c77d57cd55b643d3effd537c6243225ef0c195e902aa86ae1ce3d850c336d5772d32ca8020595cad", @typed={0x8, 0x67, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x19}}, @generic="6c5bd7c55ce6ede32955a3b5c917e75ddc354875475515099de9b1f68e3db572ff65032ac7e71962285f90ba624c156258b320ad3042448f436447ed1276d798b3f7b0dfcbca7f043b5a1f89ca326a5e475d9108c5787dd8ef"]}, @nested={0x1c, 0x1b, 0x0, 0x1, [@typed={0x4, 0x8b}, @typed={0xc, 0x60, 0x0, 0x0, @u64=0x7}, @typed={0x8, 0x6e, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}]}, @generic="ca02161a8239ed50a57ab473a192263fab72104d38d9a2c0ffe0a144b42bbfa0868ca771be6affcc582280258afe3203dcd909d45d48e57de5188b071fd5f09b0591ace77430ab78e0d7beef803765b78f2d8e305abeb79e499c7409ec7daf6d5338bc425a", @typed={0x26, 0x5c, 0x0, 0x0, @binary="baa7f5bc5eec3d71d368fd079fa69f4f3ee7561bdc3232b3677ee309b78c77fc166d"}]}, 0x42c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) 09:35:03 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x800b3) 09:35:03 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800", 0x17}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2000, 0x1) 09:35:03 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 65) [ 2931.233844] loop2: detected capacity change from 0 to 288 [ 2931.242262] FAT-fs (loop2): bogus number of FAT sectors [ 2931.242722] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2931.267685] loop0: detected capacity change from 0 to 256 [ 2931.270318] loop6: detected capacity change from 0 to 256 09:35:03 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000", 0x22}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2931.295325] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2931.297440] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2931.422412] loop2: detected capacity change from 0 to 288 [ 2931.448426] FAT-fs (loop2): bogus number of FAT sectors [ 2931.448959] FAT-fs (loop2): Can't find a valid FAT filesystem 09:35:03 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x900, 0x1) [ 2931.456896] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2100, 0x1) [ 2931.558187] loop6: detected capacity change from 0 to 256 [ 2931.573488] loop0: detected capacity change from 0 to 256 [ 2931.576617] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2931.583946] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2931.623401] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:16 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 66) 09:35:16 executing program 1: ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x5, 0x6, 0x200, 0xffffffff, 0x9}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x0, &(0x7f0000000040)}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) dup(r0) ftruncate(0xffffffffffffffff, 0x0) 09:35:16 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xd00, 0x1) 09:35:16 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2200, 0x1) 09:35:16 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 64) 09:35:16 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000", 0x22}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:16 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x800f1) 09:35:16 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 67) [ 2944.172246] loop2: detected capacity change from 0 to 288 [ 2944.194728] FAT-fs (loop2): bogus number of FAT sectors [ 2944.195657] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2944.220487] loop6: detected capacity change from 0 to 256 [ 2944.238239] loop0: detected capacity change from 0 to 256 [ 2944.255424] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:16 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x8001, 0x81, 0x2, 0x2}, {0x2, 0x7f, 0x0, 0xffffffff}, {0x4, 0x6, 0x7, 0x6}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) ioctl$FS_IOC_READ_VERITY_METADATA(r2, 0xc0286687, &(0x7f00000001c0)={0x3, 0x0, 0xbf, &(0x7f0000000100)=""/191}) ftruncate(r0, 0x0) [ 2944.299492] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:16 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000", 0x22}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:16 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2300, 0x1) 09:35:16 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2000, 0x1) [ 2944.488815] loop2: detected capacity change from 0 to 288 [ 2944.498214] FAT-fs (loop2): bogus number of FAT sectors [ 2944.499326] FAT-fs (loop2): Can't find a valid FAT filesystem 09:35:17 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 67) 09:35:17 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:17 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 65) [ 2944.583484] loop0: detected capacity change from 0 to 256 09:35:17 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 68) [ 2944.597452] loop6: detected capacity change from 0 to 256 [ 2944.605306] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2944.609505] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:17 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2c00, 0x1) [ 2944.688310] loop2: detected capacity change from 0 to 288 [ 2944.716557] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:17 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2100, 0x1) 09:35:17 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x800f2) [ 2944.792041] FAULT_INJECTION: forcing a failure. [ 2944.792041] name failslab, interval 1, probability 0, space 0, times 0 [ 2944.793052] CPU: 0 UID: 0 PID: 17076 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2944.793070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2944.793082] Call Trace: [ 2944.793088] [ 2944.793093] dump_stack_lvl+0xfa/0x120 [ 2944.793114] should_fail_ex+0x4d7/0x5e0 [ 2944.793139] ? jbd2__journal_start+0x193/0x6b0 [ 2944.793153] should_failslab+0xc2/0x120 [ 2944.793174] kmem_cache_alloc_noprof+0x5f/0x470 [ 2944.793192] ? lock_is_held_type+0x9e/0x120 [ 2944.793210] jbd2__journal_start+0x193/0x6b0 [ 2944.793226] __ext4_journal_start_sb+0x325/0x5d0 [ 2944.793246] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2944.793264] ext4_convert_unwritten_extents+0x190/0x580 [ 2944.793281] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2944.793305] ext4_dio_write_end_io+0x13a/0x710 [ 2944.793321] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2944.793338] iomap_dio_complete+0x14d/0x9e0 [ 2944.793362] iomap_dio_rw+0x73/0xa0 [ 2944.793380] ext4_file_write_iter+0xe0b/0x1990 [ 2944.793405] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2944.793421] ? __kasan_kmalloc+0x7f/0x90 [ 2944.793433] ? trace_kmalloc+0x1f/0xb0 [ 2944.793445] ? __kmalloc_noprof+0x215/0x4b0 [ 2944.793461] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2944.793482] iter_file_splice_write+0x927/0x10c0 [ 2944.793509] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2944.793542] ? lock_is_held_type+0x9e/0x120 [ 2944.793554] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2944.793571] direct_splice_actor+0x192/0x7b0 [ 2944.793588] splice_direct_to_actor+0x347/0x9d0 [ 2944.793605] ? __pfx_direct_splice_actor+0x10/0x10 [ 2944.793624] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2944.793643] ? lock_acquire+0x15e/0x2f0 [ 2944.793661] do_splice_direct+0x179/0x250 [ 2944.793675] ? __pfx_do_splice_direct+0x10/0x10 [ 2944.793690] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2944.793708] ? security_file_permission+0x22/0x90 [ 2944.793727] do_sendfile+0xa8e/0xdc0 [ 2944.793749] ? __pfx_do_sendfile+0x10/0x10 [ 2944.793775] ? perf_trace_preemptirq_template+0x259/0x430 [ 2944.793806] __x64_sys_sendfile64+0x1d3/0x210 [ 2944.793820] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2944.793840] do_syscall_64+0xbf/0x360 09:35:17 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x4, &(0x7f0000000000)=[{0x20, 0x3f, 0x8, 0x3f}, {0x101, 0xff, 0x1, 0x3}, {0x3, 0x3, 0x8, 0x3}, {0xf79, 0x0, 0x20, 0x5}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) 09:35:17 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2944.793856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2944.793869] RIP: 0033:0x7f85c6477b19 [ 2944.793880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2944.793892] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2944.793905] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2944.793913] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2944.793921] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2944.793930] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2944.793938] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2944.793958] [ 2944.813175] loop0: detected capacity change from 0 to 256 [ 2944.822121] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2944.847779] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2944.854803] loop6: detected capacity change from 0 to 256 [ 2944.873840] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:17 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2d00, 0x1) [ 2944.958538] loop2: detected capacity change from 0 to 288 09:35:17 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2200, 0x1) 09:35:17 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 69) 09:35:17 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 66) [ 2945.009472] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2945.017980] loop6: detected capacity change from 0 to 256 [ 2945.031098] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2945.129269] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2945.179613] loop0: detected capacity change from 0 to 256 [ 2945.191828] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:27 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 68) 09:35:27 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 67) 09:35:27 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000", 0x28}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:27 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 70) 09:35:27 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2e00, 0x1) 09:35:27 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80102) 09:35:27 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x5, 0xfe, 0x0, 0x7fff0000}]}) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f00000002c0)=""/58) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) close_range(r0, r1, 0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r3 = creat(&(0x7f0000000000)='./file0\x00', 0xce) ftruncate(r2, 0x0) vmsplice(r3, &(0x7f0000000280)=[{&(0x7f0000000080)="9e3d0dc2cb765a51ee84d4eb138813917d73bbd279d3af4cd758ab1dccc5807b62bd4beda36fa6e8ca90", 0x2a}, {&(0x7f0000000100)="f15831e71f986430a4ef6a95b71a9f41a970d519cdd74d4b899a06af3e6fab9d1de40c77734bb05b69bcf742aa48328fb60f7bd5f39e2ec921961129a1490b5386201f824c68742ef506e67870b105f5e7027e80b96efefc6010a913fc", 0x5d}, {&(0x7f0000000180)="4775a865a100ad4ed61fc17910acd125b0c97f4a3540c946d38cce651e29d4592b352f9e31e293b90b5efb44d96d756b13344428d1098891d974f616c6b7e164b354c879b2fe482e987bda8efc96f260d4e7e92234b33c8bc79763cb343f5cca8f1f35a33855758b65ba88703b9c898b38e00079dc12f3f2c23f9e2af7dc4747fa0ec2c7b5043bf0f9009220815b7cc368ce361b0b1563013b4c8d26cb8ffb63a5e74dbb736381e30e7206e6705c2f35304eb514f0b510c64c9926081d239e74479a91b42a663d9fbac40be16d15d4ad9de7331e58775179184a876c1aab30574506a149e92239796e962041eee0922b337028b5", 0xf4}], 0x3, 0x1) 09:35:27 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2300, 0x1) [ 2955.524737] loop6: detected capacity change from 0 to 256 [ 2955.557356] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2955.580330] loop0: detected capacity change from 0 to 256 [ 2955.595155] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2955.606364] loop2: detected capacity change from 0 to 288 [ 2955.620166] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:28 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2c00, 0x1) [ 2955.681123] FAULT_INJECTION: forcing a failure. [ 2955.681123] name failslab, interval 1, probability 0, space 0, times 0 [ 2955.682674] CPU: 0 UID: 0 PID: 17117 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2955.682701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2955.682714] Call Trace: [ 2955.682722] [ 2955.682730] dump_stack_lvl+0xfa/0x120 [ 2955.682762] should_fail_ex+0x4d7/0x5e0 [ 2955.682803] ? ext4_find_extent+0x7f5/0xa00 [ 2955.682823] should_failslab+0xc2/0x120 [ 2955.682863] __kmalloc_noprof+0xb4/0x4b0 [ 2955.682892] ? perf_trace_lock_acquire+0xc9/0x700 [ 2955.682926] ext4_find_extent+0x7f5/0xa00 [ 2955.682947] ? perf_trace_run_bpf_submit+0xef/0x180 [ 2955.682979] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2955.683010] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2955.683052] ? perf_trace_lock_acquire+0xc9/0x700 [ 2955.683075] ? perf_trace_lock_acquire+0xc9/0x700 [ 2955.683103] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2955.683141] ? lock_acquire+0x15e/0x2f0 [ 2955.683162] ? ext4_map_blocks+0x569/0x15a0 [ 2955.683203] ? down_write+0x119/0x1f0 [ 2955.683226] ? __pfx_down_write+0x10/0x10 [ 2955.683247] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2955.683282] ext4_map_blocks+0x630/0x15a0 [ 2955.683318] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2955.683342] ? lock_is_held_type+0x9e/0x120 [ 2955.683370] ? jbd2__journal_start+0xf6/0x6b0 [ 2955.683399] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2955.683439] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2955.683467] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2955.683496] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2955.683524] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2955.683565] ext4_dio_write_end_io+0x13a/0x710 [ 2955.683591] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2955.683621] iomap_dio_complete+0x14d/0x9e0 [ 2955.683659] iomap_dio_rw+0x73/0xa0 [ 2955.683689] ext4_file_write_iter+0xe0b/0x1990 [ 2955.683731] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2955.683757] ? __kasan_kmalloc+0x7f/0x90 [ 2955.683777] ? trace_kmalloc+0x1f/0xb0 [ 2955.683796] ? __kmalloc_noprof+0x215/0x4b0 [ 2955.683822] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2955.683856] iter_file_splice_write+0x927/0x10c0 [ 2955.683901] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2955.683957] ? lock_is_held_type+0x9e/0x120 [ 2955.683977] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2955.684004] direct_splice_actor+0x192/0x7b0 [ 2955.684033] splice_direct_to_actor+0x347/0x9d0 [ 2955.684060] ? __pfx_direct_splice_actor+0x10/0x10 [ 2955.684093] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2955.684120] ? lock_acquire+0x15e/0x2f0 [ 2955.684147] do_splice_direct+0x179/0x250 [ 2955.684172] ? __pfx_do_splice_direct+0x10/0x10 [ 2955.684198] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2955.684228] ? security_file_permission+0x22/0x90 [ 2955.684258] do_sendfile+0xa8e/0xdc0 [ 2955.684294] ? __pfx_do_sendfile+0x10/0x10 [ 2955.684326] ? perf_trace_preemptirq_template+0x259/0x430 [ 2955.684364] __x64_sys_sendfile64+0x1d3/0x210 [ 2955.684386] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2955.684418] do_syscall_64+0xbf/0x360 [ 2955.684444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2955.684465] RIP: 0033:0x7f85c6477b19 [ 2955.684482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2955.684501] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2955.684520] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2955.684534] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2955.684546] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2955.684558] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2955.684570] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2955.684604] [ 2955.729626] EXT4-fs warning (device sda): ext4_convert_unwritten_extents:4936: inode #16065: block 16: len 16: ext4_ext_map_blocks returned -12 [ 2955.755256] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2956.019722] loop0: detected capacity change from 0 to 256 [ 2956.028593] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:39 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2d00, 0x1) 09:35:39 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000000000", 0x2b}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:39 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 69) 09:35:39 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 71) 09:35:39 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2f00, 0x1) 09:35:39 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 68) 09:35:39 executing program 1: recvfrom$inet6(0xffffffffffffffff, &(0x7f0000000100)=""/203, 0xcb, 0x1, &(0x7f0000000200)={0xa, 0x4e22, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x6, &(0x7f0000000000)=[{0x7f, 0x5, 0x40, 0x80000000}, {0x6, 0x5, 0x40, 0x7}, {0x4, 0x1f, 0x2, 0x9}, {0x6, 0x3, 0x4b, 0x7ff}, {0x3, 0x5, 0x6, 0xffffffff}, {0x3ff, 0x1, 0x80}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x1) ftruncate(0xffffffffffffffff, 0x0) 09:35:39 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x801ee) [ 2967.391657] loop0: detected capacity change from 0 to 256 09:35:39 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x1f, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) [ 2967.416895] loop2: detected capacity change from 0 to 288 [ 2967.423808] loop6: detected capacity change from 0 to 256 [ 2967.430323] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2967.452723] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2967.456437] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2967.480355] FAULT_INJECTION: forcing a failure. [ 2967.480355] name failslab, interval 1, probability 0, space 0, times 0 [ 2967.481409] CPU: 0 UID: 0 PID: 17144 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2967.481427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2967.481436] Call Trace: [ 2967.481441] [ 2967.481446] dump_stack_lvl+0xfa/0x120 [ 2967.481469] should_fail_ex+0x4d7/0x5e0 [ 2967.481496] ? ext4_init_io_end+0x27/0x180 [ 2967.481511] should_failslab+0xc2/0x120 [ 2967.481532] kmem_cache_alloc_noprof+0x5f/0x470 [ 2967.481552] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2967.481570] ext4_init_io_end+0x27/0x180 [ 2967.481584] ext4_do_writepages+0xaa4/0x3230 [ 2967.481622] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2967.481648] ? lock_is_held_type+0x9e/0x120 [ 2967.481669] ext4_writepages+0x369/0x7a0 [ 2967.481688] ? __pfx_ext4_writepages+0x10/0x10 [ 2967.481705] ? __pfx_perf_trace_lock+0x10/0x10 [ 2967.481730] ? lock_release+0xc8/0x290 [ 2967.481745] ? do_raw_spin_unlock+0x53/0x220 [ 2967.481762] ? __pfx_ext4_writepages+0x10/0x10 [ 2967.481782] do_writepages+0x244/0x5c0 [ 2967.481801] filemap_fdatawrite_wbc+0x10b/0x150 [ 2967.481816] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 2967.481839] __filemap_fdatawrite_range+0xb9/0x100 [ 2967.481861] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2967.481907] ? jbd2_journal_stop+0x184/0xe20 [ 2967.481925] ? __pfx_ext4_orphan_del+0x10/0x10 [ 2967.481949] file_write_and_wait_range+0xcc/0x140 [ 2967.481969] ext4_sync_file+0x2eb/0xe30 [ 2967.481988] ? __pfx_ext4_sync_file+0x10/0x10 [ 2967.482007] vfs_fsync_range+0x13d/0x230 [ 2967.482028] iomap_dio_complete+0x6b8/0x9e0 [ 2967.482051] iomap_dio_rw+0x73/0xa0 [ 2967.482069] ext4_file_write_iter+0xe0b/0x1990 [ 2967.482095] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2967.482111] ? __kasan_kmalloc+0x7f/0x90 [ 2967.482124] ? trace_kmalloc+0x1f/0xb0 [ 2967.482135] ? __kmalloc_noprof+0x215/0x4b0 [ 2967.482151] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2967.482172] iter_file_splice_write+0x927/0x10c0 [ 2967.482199] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2967.482233] ? lock_is_held_type+0x9e/0x120 [ 2967.482245] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2967.482262] direct_splice_actor+0x192/0x7b0 [ 2967.482280] splice_direct_to_actor+0x347/0x9d0 [ 2967.482296] ? __pfx_direct_splice_actor+0x10/0x10 [ 2967.482315] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2967.482333] ? lock_acquire+0x15e/0x2f0 [ 2967.482349] do_splice_direct+0x179/0x250 [ 2967.482365] ? __pfx_do_splice_direct+0x10/0x10 [ 2967.482380] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2967.482398] ? security_file_permission+0x22/0x90 [ 2967.482416] do_sendfile+0xa8e/0xdc0 [ 2967.482439] ? __pfx_do_sendfile+0x10/0x10 [ 2967.482456] ? __fget_files+0x20d/0x3b0 [ 2967.482482] __x64_sys_sendfile64+0x1d3/0x210 [ 2967.482498] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2967.482520] do_syscall_64+0xbf/0x360 [ 2967.482536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2967.482550] RIP: 0033:0x7f85c6477b19 [ 2967.482562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2967.482574] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2967.482587] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2967.482595] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2967.482603] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2967.482611] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2967.482619] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2967.482640] [ 2967.532980] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:39 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000000000", 0x2b}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:40 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2e00, 0x1) 09:35:40 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3000, 0x1) 09:35:40 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x9, &(0x7f0000000100)=[{0x5, 0x2, 0x7, 0x80000000}, {0x5, 0x0, 0x9, 0x7}, {0x4, 0x5, 0x1, 0x10000}, {0x0, 0x8, 0x7f}, {0x7f, 0x1, 0x2, 0x2}, {0x2, 0x40, 0x1, 0x400}, {0x8, 0x8, 0x0, 0x10000}, {0x101, 0x1, 0xa8, 0x4}, {0xac, 0x6, 0x1, 0x5dd5}]}) ftruncate(r0, 0x0) 09:35:40 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 70) [ 2967.706021] loop2: detected capacity change from 0 to 288 [ 2967.710299] loop0: detected capacity change from 0 to 256 [ 2967.714728] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2967.755113] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2967.773749] loop6: detected capacity change from 0 to 256 [ 2967.783236] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2967.850465] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:51 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 69) 09:35:51 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2f00, 0x1) 09:35:51 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3100, 0x1) 09:35:51 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x3, 0x1f, 0x9, 0x5}, {0xb2f6, 0x93, 0x81}]}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) dup3(r1, r0, 0x80000) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_debug_messages', 0x200101, 0x80) recvmsg$unix(r3, &(0x7f0000001740)={&(0x7f0000000180), 0x6e, &(0x7f0000000340)=[{&(0x7f0000000200)=""/99, 0x63}, {&(0x7f0000000280)=""/22, 0x16}, {&(0x7f00000002c0)=""/70, 0x46}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/244, 0xf4}, {&(0x7f0000001500)=""/230, 0xe6}, {&(0x7f0000001600)=""/255, 0xff}], 0x7, &(0x7f0000001700)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}, 0x0) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r5, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f00000017c0)={0x0, 0x7, r5, 0x80000b, 0x80000}) ftruncate(r0, 0x0) 09:35:51 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001000000000000", 0x2b}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:51 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 71) 09:35:51 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 72) 09:35:51 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80201) [ 2979.312610] loop0: detected capacity change from 0 to 256 [ 2979.326423] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2979.341084] FAULT_INJECTION: forcing a failure. [ 2979.341084] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.342418] CPU: 0 UID: 0 PID: 17179 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2979.342441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.342452] Call Trace: [ 2979.342458] [ 2979.342465] dump_stack_lvl+0xfa/0x120 [ 2979.342490] should_fail_ex+0x4d7/0x5e0 [ 2979.342522] ? jbd2__journal_start+0x193/0x6b0 [ 2979.342539] should_failslab+0xc2/0x120 [ 2979.342566] kmem_cache_alloc_noprof+0x5f/0x470 [ 2979.342588] ? lock_is_held_type+0x9e/0x120 [ 2979.342611] jbd2__journal_start+0x193/0x6b0 [ 2979.342633] __ext4_journal_start_sb+0x325/0x5d0 [ 2979.342668] ? ext4_dio_write_end_io+0x2ba/0x710 [ 2979.342693] ? lock_is_held_type+0x9e/0x120 [ 2979.342711] ext4_dio_write_end_io+0x2ba/0x710 [ 2979.342732] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2979.342755] iomap_dio_complete+0x14d/0x9e0 [ 2979.342784] iomap_dio_rw+0x73/0xa0 [ 2979.342808] ext4_file_write_iter+0xe0b/0x1990 [ 2979.342840] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2979.342866] ? __kasan_kmalloc+0x7f/0x90 [ 2979.342882] ? trace_kmalloc+0x1f/0xb0 [ 2979.342897] ? __kmalloc_noprof+0x215/0x4b0 [ 2979.342917] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2979.342944] iter_file_splice_write+0x927/0x10c0 [ 2979.342978] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.343021] ? lock_is_held_type+0x9e/0x120 [ 2979.343035] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.343057] direct_splice_actor+0x192/0x7b0 [ 2979.343079] splice_direct_to_actor+0x347/0x9d0 [ 2979.343100] ? __pfx_direct_splice_actor+0x10/0x10 [ 2979.343125] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2979.343146] ? lock_acquire+0x15e/0x2f0 [ 2979.343169] do_splice_direct+0x179/0x250 [ 2979.343187] ? __pfx_do_splice_direct+0x10/0x10 [ 2979.343208] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2979.343230] ? security_file_permission+0x22/0x90 [ 2979.343253] do_sendfile+0xa8e/0xdc0 [ 2979.343282] ? __pfx_do_sendfile+0x10/0x10 [ 2979.343306] ? perf_trace_preemptirq_template+0x259/0x430 [ 2979.343338] __x64_sys_sendfile64+0x1d3/0x210 [ 2979.343355] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2979.343380] do_syscall_64+0xbf/0x360 [ 2979.343400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2979.343417] RIP: 0033:0x7f7b6ab9db19 [ 2979.343430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.343446] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2979.343461] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2979.343471] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2979.343481] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.343491] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2979.343501] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2979.343527] [ 2979.384038] loop2: detected capacity change from 0 to 288 [ 2979.389675] loop6: detected capacity change from 0 to 256 09:35:51 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3000, 0x1) [ 2979.415075] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2979.424296] FAULT_INJECTION: forcing a failure. [ 2979.424296] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.425263] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2979.426193] CPU: 1 UID: 0 PID: 17185 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2979.426225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.426240] Call Trace: [ 2979.426248] [ 2979.426258] dump_stack_lvl+0xfa/0x120 [ 2979.426291] should_fail_ex+0x4d7/0x5e0 [ 2979.426334] ? ext4_find_extent+0x7f5/0xa00 [ 2979.426355] should_failslab+0xc2/0x120 [ 2979.426392] __kmalloc_noprof+0xb4/0x4b0 [ 2979.426434] ext4_find_extent+0x7f5/0xa00 [ 2979.426466] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2979.426497] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2979.426548] ? perf_trace_lock_acquire+0xc9/0x700 [ 2979.426584] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2979.426626] ? lock_acquire+0x15e/0x2f0 [ 2979.426650] ? ext4_map_blocks+0x569/0x15a0 [ 2979.426695] ? down_write+0x119/0x1f0 [ 2979.426721] ? __pfx_down_write+0x10/0x10 [ 2979.426743] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2979.426783] ext4_map_blocks+0x630/0x15a0 [ 2979.426824] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2979.426851] ? lock_is_held_type+0x9e/0x120 [ 2979.426889] ? jbd2__journal_start+0xf6/0x6b0 [ 2979.426921] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2979.426953] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2979.426984] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2979.427017] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2979.427048] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2979.427094] ext4_dio_write_end_io+0x13a/0x710 [ 2979.427123] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2979.427157] iomap_dio_complete+0x14d/0x9e0 [ 2979.427199] iomap_dio_rw+0x73/0xa0 [ 2979.427233] ext4_file_write_iter+0xe0b/0x1990 [ 2979.427280] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2979.427309] ? __kasan_kmalloc+0x7f/0x90 [ 2979.427331] ? trace_kmalloc+0x1f/0xb0 [ 2979.427352] ? __kmalloc_noprof+0x215/0x4b0 [ 2979.427381] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2979.427419] iter_file_splice_write+0x927/0x10c0 [ 2979.427470] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.427533] ? lock_is_held_type+0x9e/0x120 [ 2979.427555] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.427586] direct_splice_actor+0x192/0x7b0 [ 2979.427619] splice_direct_to_actor+0x347/0x9d0 [ 2979.427649] ? __pfx_direct_splice_actor+0x10/0x10 [ 2979.427685] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2979.427716] ? lock_acquire+0x15e/0x2f0 [ 2979.427747] do_splice_direct+0x179/0x250 [ 2979.427774] ? __pfx_do_splice_direct+0x10/0x10 [ 2979.427816] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2979.427849] ? security_file_permission+0x22/0x90 [ 2979.427882] do_sendfile+0xa8e/0xdc0 [ 2979.427923] ? __pfx_do_sendfile+0x10/0x10 [ 2979.427955] ? __fget_files+0x20d/0x3b0 [ 2979.428000] __x64_sys_sendfile64+0x1d3/0x210 [ 2979.428024] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2979.428062] do_syscall_64+0xbf/0x360 [ 2979.428091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2979.428115] RIP: 0033:0x7fe5d2196b19 [ 2979.428133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.428156] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2979.428178] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2979.428194] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2979.428208] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.428221] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 09:35:51 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000000100000000000000", 0x2c}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2979.428235] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2979.428273] [ 2979.428465] EXT4-fs warning (device sda): ext4_convert_unwritten_extents:4936: inode #16059: block 16: len 16: ext4_ext_map_blocks returned -12 [ 2979.450345] FAULT_INJECTION: forcing a failure. [ 2979.450345] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.450376] CPU: 0 UID: 0 PID: 17187 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2979.450396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.450407] Call Trace: [ 2979.450413] [ 2979.450419] dump_stack_lvl+0xfa/0x120 [ 2979.450446] should_fail_ex+0x4d7/0x5e0 [ 2979.450483] ? jbd2__journal_start+0x193/0x6b0 [ 2979.450501] should_failslab+0xc2/0x120 [ 2979.450528] kmem_cache_alloc_noprof+0x5f/0x470 [ 2979.450549] ? lock_is_held_type+0x9e/0x120 [ 2979.450570] jbd2__journal_start+0x193/0x6b0 09:35:51 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3200, 0x1) [ 2979.450590] __ext4_journal_start_sb+0x325/0x5d0 [ 2979.450613] ? ext4_dio_write_end_io+0x2ba/0x710 [ 2979.450631] ? lock_is_held_type+0x9e/0x120 [ 2979.450655] ext4_dio_write_end_io+0x2ba/0x710 [ 2979.450684] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2979.450717] iomap_dio_complete+0x14d/0x9e0 [ 2979.450746] iomap_dio_rw+0x73/0xa0 [ 2979.450767] ext4_file_write_iter+0xe0b/0x1990 [ 2979.450797] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2979.450816] ? __kasan_kmalloc+0x7f/0x90 [ 2979.450831] ? trace_kmalloc+0x1f/0xb0 [ 2979.450845] ? __kmalloc_noprof+0x215/0x4b0 [ 2979.450870] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2979.450897] iter_file_splice_write+0x927/0x10c0 [ 2979.450928] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.450968] ? lock_is_held_type+0x9e/0x120 [ 2979.450981] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.451001] direct_splice_actor+0x192/0x7b0 [ 2979.451022] splice_direct_to_actor+0x347/0x9d0 [ 2979.451042] ? __pfx_direct_splice_actor+0x10/0x10 [ 2979.451064] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2979.451085] ? lock_acquire+0x15e/0x2f0 [ 2979.451106] do_splice_direct+0x179/0x250 [ 2979.451124] ? __pfx_do_splice_direct+0x10/0x10 [ 2979.451142] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2979.451164] ? security_file_permission+0x22/0x90 [ 2979.451185] do_sendfile+0xa8e/0xdc0 [ 2979.451213] ? __pfx_do_sendfile+0x10/0x10 [ 2979.451233] ? __fget_files+0x20d/0x3b0 [ 2979.451263] __x64_sys_sendfile64+0x1d3/0x210 [ 2979.451279] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2979.451303] do_syscall_64+0xbf/0x360 [ 2979.451322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2979.451339] RIP: 0033:0x7f85c6477b19 [ 2979.451352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.451367] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2979.451381] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2979.451392] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2979.451401] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.451410] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2979.451420] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2979.451444] [ 2979.510251] loop0: detected capacity change from 0 to 256 [ 2979.547785] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:52 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 72) [ 2979.622335] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:35:52 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 73) 09:35:52 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 70) [ 2979.675388] loop6: detected capacity change from 0 to 256 [ 2979.720089] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2979.736595] loop2: detected capacity change from 0 to 288 09:35:52 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3100, 0x1) [ 2979.769195] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2979.841487] FAULT_INJECTION: forcing a failure. [ 2979.841487] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.843224] CPU: 1 UID: 0 PID: 17207 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) 09:35:52 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3800, 0x1) [ 2979.843256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.843269] Call Trace: [ 2979.843278] [ 2979.843288] dump_stack_lvl+0xfa/0x120 [ 2979.843321] should_fail_ex+0x4d7/0x5e0 [ 2979.843364] ? jbd2__journal_start+0x193/0x6b0 [ 2979.843389] should_failslab+0xc2/0x120 [ 2979.843426] kmem_cache_alloc_noprof+0x5f/0x470 [ 2979.843457] ? lock_is_held_type+0x9e/0x120 [ 2979.843488] jbd2__journal_start+0x193/0x6b0 [ 2979.843519] __ext4_journal_start_sb+0x325/0x5d0 [ 2979.843560] ? ext4_dio_write_end_io+0x2ba/0x710 09:35:52 executing program 1: r0 = socket$inet(0x2, 0x2, 0x4) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@mcast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@empty}}, &(0x7f0000000440)=0xe8) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00032bbd7000ffdbdf25060000003c0001800800030000aa9323c00002006261746164765f736c617663766c0003000300187aed426be317acd5a200"/70, @ANYRES32=r1, @ANYBLOB="1400018008000300030000000800030006000000"], 0x70}}, 0x20040004) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r2, 0x0) r3 = geteuid() setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@rand_addr=0x64010101, 0x4e20, 0x4597, 0x4e20, 0x7f, 0x2, 0xa0, 0x0, 0x32, 0x0, r3}, {0x1, 0x80, 0x6, 0xff, 0x1, 0x5, 0x6, 0x2}, {0x7, 0x8, 0x3ab8eae0, 0x3c3}, 0x0, 0x6e6bbc, 0x0, 0x1, 0x1, 0x1}, {{@in=@rand_addr=0x64010102, 0x4d2, 0x32}, 0x2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3502, 0x2, 0x1, 0x6, 0x8, 0x80, 0x1}}, 0xe8) [ 2979.843588] ? lock_is_held_type+0x9e/0x120 [ 2979.843614] ext4_dio_write_end_io+0x2ba/0x710 [ 2979.843644] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2979.843678] iomap_dio_complete+0x14d/0x9e0 [ 2979.843720] iomap_dio_rw+0x73/0xa0 [ 2979.843754] ext4_file_write_iter+0xe0b/0x1990 [ 2979.843823] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2979.843860] ? __kasan_kmalloc+0x7f/0x90 [ 2979.843887] ? trace_kmalloc+0x1f/0xb0 [ 2979.843913] ? __kmalloc_noprof+0x215/0x4b0 [ 2979.843948] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2979.843996] iter_file_splice_write+0x927/0x10c0 [ 2979.844061] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.844149] ? lock_is_held_type+0x9e/0x120 [ 2979.844177] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.844216] direct_splice_actor+0x192/0x7b0 [ 2979.844261] splice_direct_to_actor+0x347/0x9d0 [ 2979.844299] ? __pfx_direct_splice_actor+0x10/0x10 [ 2979.844344] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2979.844385] ? lock_acquire+0x15e/0x2f0 [ 2979.844426] do_splice_direct+0x179/0x250 [ 2979.844459] ? __pfx_do_splice_direct+0x10/0x10 [ 2979.844495] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2979.844538] ? security_file_permission+0x22/0x90 [ 2979.844580] do_sendfile+0xa8e/0xdc0 [ 2979.844633] ? __pfx_do_sendfile+0x10/0x10 [ 2979.844681] ? perf_trace_preemptirq_template+0x259/0x430 [ 2979.844744] __x64_sys_sendfile64+0x1d3/0x210 [ 2979.844776] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2979.844822] do_syscall_64+0xbf/0x360 [ 2979.844853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2979.844880] RIP: 0033:0x7f85c6477b19 [ 2979.844900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.844925] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2979.844949] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2979.844966] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2979.844980] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.844996] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2979.845011] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2979.845053] [ 2979.896216] FAULT_INJECTION: forcing a failure. [ 2979.896216] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.898369] CPU: 1 UID: 0 PID: 17208 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2979.898399] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.898413] Call Trace: [ 2979.898421] [ 2979.898431] dump_stack_lvl+0xfa/0x120 [ 2979.898461] should_fail_ex+0x4d7/0x5e0 [ 2979.898503] ? ext4_find_extent+0x7f5/0xa00 [ 2979.898524] should_failslab+0xc2/0x120 [ 2979.898560] __kmalloc_noprof+0xb4/0x4b0 [ 2979.898588] ? stack_depot_save_flags+0x2c/0xa20 [ 2979.898630] ext4_find_extent+0x7f5/0xa00 [ 2979.898651] ? kasan_save_stack+0x34/0x50 [ 2979.898674] ? __kasan_slab_free+0x38/0x50 [ 2979.898702] ext4_ext_map_blocks+0x1cc/0x5f30 [ 2979.898727] ? iter_file_splice_write+0x927/0x10c0 [ 2979.898759] ? do_syscall_64+0xbf/0x360 [ 2979.898782] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2979.898809] ? __pfx_perf_trace_lock+0x10/0x10 [ 2979.898847] ? perf_trace_lock_acquire+0xc9/0x700 [ 2979.898882] ? perf_trace_lock_acquire+0xc9/0x700 [ 2979.898914] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 2979.898957] ? lock_acquire+0x15e/0x2f0 [ 2979.898979] ? ext4_map_blocks+0x569/0x15a0 [ 2979.899025] ? down_write+0x119/0x1f0 [ 2979.899050] ? __pfx_down_write+0x10/0x10 [ 2979.899073] ? ext4_es_lookup_extent+0xc8/0xb20 [ 2979.899112] ext4_map_blocks+0x630/0x15a0 [ 2979.899153] ? __pfx_ext4_map_blocks+0x10/0x10 [ 2979.899179] ? lock_is_held_type+0x9e/0x120 [ 2979.899210] ? jbd2__journal_start+0xf6/0x6b0 [ 2979.899241] ? __ext4_journal_start_sb+0x325/0x5d0 [ 2979.899273] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 2979.899304] ? ext4_convert_unwritten_extents+0x190/0x580 [ 2979.899337] ext4_convert_unwritten_extents+0x1ca/0x580 [ 2979.899368] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 2979.899414] ext4_dio_write_end_io+0x13a/0x710 [ 2979.899443] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 2979.899477] iomap_dio_complete+0x14d/0x9e0 [ 2979.899518] iomap_dio_rw+0x73/0xa0 [ 2979.899553] ext4_file_write_iter+0xe0b/0x1990 [ 2979.899600] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2979.899628] ? __kasan_kmalloc+0x7f/0x90 [ 2979.899651] ? trace_kmalloc+0x1f/0xb0 [ 2979.899671] ? __kmalloc_noprof+0x215/0x4b0 [ 2979.899701] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2979.899738] iter_file_splice_write+0x927/0x10c0 [ 2979.899789] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.899865] ? lock_is_held_type+0x9e/0x120 [ 2979.899887] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2979.899918] direct_splice_actor+0x192/0x7b0 [ 2979.899951] splice_direct_to_actor+0x347/0x9d0 [ 2979.899981] ? __pfx_direct_splice_actor+0x10/0x10 [ 2979.900018] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2979.900049] ? lock_acquire+0x15e/0x2f0 [ 2979.900080] do_splice_direct+0x179/0x250 [ 2979.900107] ? __pfx_do_splice_direct+0x10/0x10 [ 2979.900135] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2979.900167] ? security_file_permission+0x22/0x90 [ 2979.900199] do_sendfile+0xa8e/0xdc0 [ 2979.900240] ? __pfx_do_sendfile+0x10/0x10 [ 2979.900271] ? __fget_files+0x20d/0x3b0 [ 2979.900317] __x64_sys_sendfile64+0x1d3/0x210 [ 2979.900341] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2979.900379] do_syscall_64+0xbf/0x360 [ 2979.900406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2979.900429] RIP: 0033:0x7fe5d2196b19 [ 2979.900447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.900469] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2979.900491] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 2979.900506] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2979.900520] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.900534] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2979.900548] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 2979.900586] [ 2979.953198] EXT4-fs warning (device sda): ext4_convert_unwritten_extents:4936: inode #16025: block 16: len 16: ext4_ext_map_blocks returned -12 09:35:52 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000000100000000000000", 0x2c}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:35:52 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80300) [ 2979.972786] loop0: detected capacity change from 0 to 256 [ 2979.974036] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2980.018579] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2980.028980] loop2: detected capacity change from 0 to 288 [ 2980.036322] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2980.080002] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2980.155513] loop6: detected capacity change from 0 to 256 [ 2980.193621] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:02 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 74) 09:36:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3902, 0x1) 09:36:02 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = inotify_init1(0x800) pwritev2(r1, &(0x7f0000001340)=[{&(0x7f0000000180)="21eaabdc3d0a26533055137d6f275a1804dd68b204c8079f15fef640a302a4535d8fc699bc244659d088eccce6075a77a8e58ec1047748a0b4376a8e2faddc42a0930214a64196fd00593785cbc69e", 0x4f}, {&(0x7f0000000100)}, {&(0x7f0000000200)="041f2fd2efacfdb453bfbddd6b9728949dd2b0cdd8db1bee43946da4fa68b929938ad651fc892886f41b23a09c265f48092da28a928b1fa85c3de2fb1e537c211a55ca425964c98633f79c50d7be0c122eedc60f099d5710eadf5b9a695417c10d97b27edad8ca96b63a57433dc2052df1f9f515f70bef937051a3cc87d76900fb309b3727e12f1e02b571b2422277e09df8e4ee7379eb9a790fc8d680e8995e73972e3c409095d682a29f7308daa25222411580063efb3037c9248f1ae6554eac119b420266fe0f3dbedf309fca94ae97eec5cb45d948eb62114800f239bf6a9aee903b742a26a2ba01bb1a3e8fe9afe740866c475b3516c504a18165e139d0a19c6b2b58f1e703c082fa623ab582e3f84b6890a2efe1291c28944309bc4607b27816e8929c41d854eef85a90224c1e9e203999878836c764ec627b536c18f7a6fa7de05710f72d233b4f27feee627304e84451fc4ef6662aa6f60c298a82b73a91697ebcde261e9c59444c54319586ba5a531de7525f046675602990baad5fab6ee90d8fe44e5a7688fd796eaa030054e679cb3df75ed4f45da6e3a11f8ac6e3c3a1fb271249e33a43af99c15442c3b073cda4ef479c1bfd142d090934dd9433fe6d234267c96de23cd8deb55203967caa9635b0592246b8a9c30312dadb5f4a4ba5f7a88f2bed0b8cf2ebe6f25f28a2f4fd2c52196f66b25698431cecfc5de08eabf20c32dbc8e215258b2d411f44f7f4ccc13ed5610e5ed987d7caecb94bea97616686e393e4cd7086230aa3796b4e0b499ed55e834932cb97dee85127c4673fd5700316b8e3a3a78df67e6813598da3fad717dddbbecc2e0707201a59669234bb33fefa024926e78461a3511f208aeb5e4159d7cd6ab209fe3fb40e5a281190ac50a610d8541f8a15fc4ff003b78d4df87c99af8cab9858831ccceacc1e551e28d230077d91cb90ae7da2ae31b9b4a9d3ab997e2233c396dd19edd8154f5b62f1a87db9de525555586acb0e62cf8d2813642f31fb39be860860b51e52ffc717e2bd17df7725fc2a5b062589ba78572f3a1970942aa4fdd46272d37f51d2c0d1303ebce7f0f20852caa01ebe3f1e9ef50eb2300763129206a440728290cb569337ce273de49ecd3e0926a25f9b5039b062a640cecef5f51570785dc90e1359de47bdc8fb013e4aede6d56dd2000f05edab1ccc392c7ee74528f2d7b839b4f6f9cf52c9fee19c41c69042bda3fd51b2fbc45d23e0231f72ba2b8d1eea59d198a0d3f0de9aaf2159ab648e62012df9494a2a33d8ddd73d408205696867e7a9b20b2d508c91ddafe6e77f820a2e5ed00699702421276ea738c19dd70825656c4a1d278f89c09cbe8d07e2324a825fd0aaae80d9faddbd45c8b57fe925796e0d3e7736a3497d8c72c2bc00770ab91fa7e540e320b475b46c82a20efd25b0509d3cf92a622bb97764e7ac6d24c7164301468d7620865802ee06365cd3d4fb52721d0c195019f974464e6ae45a9375190c76ecc9e8284a849d4790411b017dbee59cdfa70b366bbcda81e800566bbcf1b007570a99d63861b495e33102c26a30e19db1e0b84fa7010e930dd05533f6fc30a9c2ba0d272a0d3f75c89d5b2e76eee8e913624b41b6c4f08ff8dd35319756a7dce13ea84f61e3e2edf1894ce089c594391ebb2d4a91c07be4cd7883d27bc1744dace2452e674fa9deeeefa09d6495f104c1cd6e1e2371948fbc2341292745f057a95e8167562a4fc88b479740a5ab706156ff27e9d332ddcfdeb2cfd92931fb5a36f3cf52d52824cb45d8cd62d6d774c60d131427320680fd301fb0ab576a04470fa4c4e04eed3bfbc4c55afddd659e643836f4da64ab58445ea128e136cae09b31704881153333cd57cb9a78e674e12458aae0c8a06f80c7a39667a5bbf61614d7f818a0600fbaafe45bd4d6bc8fb1823895c781c62a6a065f834fc00189ced6ab6310bfb3b99314384e43d8c3c253c3e091e24b0cc8da7e7eef40bacac727994cbaa21a10abba05ff713afe3faaaf86249f06a4509f2ed0d3c6f71fe198cb82e43a8767760fa8c00dbf503c0b30b86e1cfeac440f03916f6f30ac449ab548ecc91ff04e4143e34fba4a412b83f8de902b9a3c1c177884fa2c1aa9986d9ef4bb8b8ad804c1107260d4471a36c0d2e307888780602f850f0b4bc8e2fbc0a7de0e3631343c95da3e419a0827d511c3b4216f9e2e847d0d7a43def710dd5cad0f4de41130d297a9730dc347c6a250430858d2d5bac50d87f5efcdcfd554988d592108785f557c0df222d5a0bc17f55932103f3924d217c5f6671c0922ea1abed63ff8591b2083b431a06232584a1374a7dbeffb7d0a34f908fef992e1b8f2cf39408dc8ba2ccfaa106bbf9af0be79af64074158f00dd7ea2ca30656dcf7f0f0b20790be753f0504351101d688614fc2357c629c8a2e6985a2b69162f347393cda7a282a26d6514f79590dca5f2332839f5c4f1460a61331d3db2cef7bd8812ad5c0cfd4e99e00f965758379fa335e02d71376b9d469c43cf440d9581a96f8352090eacdb6e8b0d963fdfbeb654791b2aca0dca55058ad2a69fb65db324f1b011b5d80f00684afccd6068a7537b588cd0e664c0bfb0304757851c09221f0d34b9e3f4ba1278fee31523bc79a31ac2b0c5467351ca0915cfc0a2342864b1381faa142b5031a73bf53c0bb2d7706ff50b8220f75ed3380cbdbf88f418a148e15f30fd84b387d923d67c660c9930bc72dd3f391ea6d905a9c5071b301273fabb58fc43b0059f8511c919911feda2d9987a173eb9d583f3b696f0b949550968aeb1e98e1df735c3de8fd9adb04d43ab70a8c00ba0c0a76339f2ccdf7494e8429eb5a1deb16f12f7051ce37d24c67eebb8331b0f95fd6783a3d2ec9393b7a99dbcc2985bc4efe204b786dfd0100299526c7b0a43c8f9611c5eb4149d32ea82f00fcd99f75bfccf4929b90792445a607b547f99246f8bc0d1efd33c60220340da5537d889af0240fbc1477d54d99dac9e2c3b75226c7cc025715fe3d9d03aa96f2530a1b8b996958366b9b3ea52b6a5c5dd7361c10e1e38797803a969eb23d5462ac60060621a6bfcb293fe9bbd7082c64d21d4be2ad06fd8b193356942f9fe7a35587f5fb0a49c30d688e734754bd3f3505e8a00375242b101612f8b61a20c547575ee16c44b878c2f09a106dc7ed9baafe92f988dc5c7d9036f1fb936de68c2d8643cc8d83c63746ddaf978d92390cfed94f615e4307fe065b7e713d29295fdeac353941b8d4157d3f7340cb0fc4dce89e02a6e859d82d89d01b248e64f370ce62a12bcc67b66c6214659b579d8ecc62849c36ee8a207308c46e6ba613c17f89e01dba611be15a0d1862a84a7c1a676ca82b91fe54c48ed4f909b7aea6b371c118e3483df37db4b23179fc398969f128a5ffaaf731e9c10660d496a3815db9775ef2949c01e768366456402014e9f2dd2fbbc652121caac340a291a94ef9f800b0705d9783d595ecbd6c6e1e2e614b13b0a9ee2a18abda200972b1b5cea0d1c030a62a55078f97eb63d7ce252d20201600796d56597738449ee92a52f8dc7cb09e0e6a45c05aefbbf7fd52c52779aeba007ad5b6fa1421d3964f6398b4d2e5c18e9e8b61b73c581b97f5906f1857c2e7801f21d699f7107eed4a07d51ba64ec70737e3855bb51515866af629629fab7a5a625c38d7ddea0b8fe25ce4a522b7b7bca1874cdfb991c5d6fb41b80e027c03bb90171937931c983be19ce4c415f634952de7dffc74100642f70bb8d83bd93972bc20d7d30442a0f47a4c2ae1b96aee0244756ac4257c5d96daf8db4a89120171f0398c580e05656a2b596054218f465bb856b77721d9be3a16ef2a8417dbbbb803972463862dabeafb0972c8c5549f1ecb35879471e145bb4818dd1f2afda8f74cb60b398f261826f97680638283cc7706808efc1843628387a4025a25414fcee9f0184bbee608ee4e9281650f1d0341f676e000be218a610997b756f308eaa92ea10086e34c6f2e90acaa90de9e1946618b668f12ba0119feb8cfc3b7504c5a00bfc0e2d9454c0782fe640fefcc31be27efdfff0e23c8bb266fef1db12091061effcb54debfed4448396be16ee02939f4d2cfee4c115b0b7cadaba8a1fe94363c1641b829fee02266856fab49093cdb9e88888e3f6757058fd1e9b8ad1bee8a3832ff8b382e40cb02800c9cca12f21e2b52546eb31b1dc81275d67bbc8e3772ecb6aa7c05f6d3c7f2c595def6d9f39f01408aa118385e24e73493dcbaedf99ec9c366715577421a51eb993ad8a25c9b8ce8b8f2a1c58b6f67198a6a565fb3883e5892aba7dc84041430f3fb5326f2c02b8173ede1aba3755d6cc0e3b123cdad2f208f8bdade2afd13be655827b43890d384a98f1ecfaf47fcb6d9cbb0f59e93b3b8e4dec85658ea4450b1ab3f67ee5ac446801bd1943d4a594825debda9ccac93deeaf320e2ba171ebf24c10373ae2f9280b707acf957e3d4b851c2a35561485acb6cc7ffcbffa61352c851f76805cb1ac171f6ce3f854b198fe80e57c4649e37d65f65784bf6396274770c7065d88f128412b91dfe053b0dba8f0f19cdce83354589e88a4c57ff64f639eb71f124655accb31f8c0c38cad2aa9ed1b82f4bafbfd8138fe4b82cd97111164c46a8ef3d1334888cedb20e1d132d36224dd9134dd51841c6f8072fb6c9c76eacf99cbb6bdef5d0b48465179bf33fb40ad70fdef55750e5f91b8c969e7ed0358638504199e3b7b4016d20997215f0de9056d0ac8447debd38b637f5a8be7c195b4e7d6ca51342b4fd212adadf8f47abd6ed8e36d84add913f01da838cdddbad34fbc1eac32373dea914ab44c3afd61517c9ed1cddd192069a531c28e88f7f483061bc9bc2d3c05a7e8100e5fd5fe31580a243c2068bdba44a3c1b4708497d9fd7db88828b8e17d56e8940061da95192282d026cf68fded8f0780b424d74789bfdef4206c3560533d6f9e658d4ad109fdbea0628607b9b85dd1e6c2e9e4f4256e7daf40aea37476753f73cbdbcaa5bcac4673433277013bfc0ba2d7e109e20ca003540f83f9f2987f5e216cf422b9f422b3a300fa8228871d6aa582d0a60891dabe3caaedf36e2f1fd3279b17dd312acef7331ee0a5d49280a79b03beb5eaf2bb632b36b386c00d15ffd41a65cc248e66fbb0106aafda6ed5cdaa52eef108243fffcdf4f625abeca73eaa44fe1f99ebe5e57c96f1ae3b3ffb9873fa85782142e3dcc027ef0617a22256a0363259e694af925004f4f7ab89e22d5d9eb2a4e108f55e8909e874c0cf675df7a66a0516f5c5c81a8351569790af651435825dccd13959cdc31fe7746e685ead0ee1706c63b3f53508b608ec3cc33a1f88d6c2675629643f0d24222ed91531da4b8472e3851adab3e9342c097addf9fee761f3121673b2a40c445ac82ccddbebf698bcb2d2fe3cd03c42e84291212413a163339658ab41c5e956974d5a8fde3e32200b5ff5ad6da2f796eb84a71d6b65f52228fea5ef398636f023ee5d516bd87cd4f1894d1799046004051adc7c9662df8702430f5e00c776de4a0ce5a72c2f240222ec58c1a0edbd5a6b23fb8e5ff8043ceb12e24f7ae996352d198b46dd921b2bd4860a5850d7886c6cf1fb2d85c5fab21a1b8c5997791a563922fb6c04cb0b97a71f9e77ce41e69e964de4bf8506306437bfea3571e6c6b598948221fa1950707fbf2e5dd83b9b903907ee13aa212b87e964ef79cfcef135f21e9424d3487f6ec4f3cf604da06f65d1ec6", 0x1000}, {&(0x7f0000001200)="64ac01c5cd0f2c362eca215995063620a60b2071c34a943d96375423857245e8010dde04672a1f26d4c71b33b8ff0bf9990ec343d94075ba44bf1104fab3c66a118272420be735cbe519b1b61f9d6913731cfd7d59afc628cb8be016fea68f443b986b6fe29507b98885a06ad9a2a9", 0x6f}, {&(0x7f0000001280)="240f675c30101b1f8f6d11a505cbeffda1ac4c7070e4bdbb0b88a33dea5fb1fe17e05e1e97299da4c09cfaa22d1d150c116c7317d73879b1f2c6a07eb01a03bc6d6a8828819b7d3ca309808b91657b9fcafcb4f8e45b3380c3a72f51359c9f44ffe13a5dfb218e864f0c8901a95f49ec", 0x70}, {&(0x7f0000001300)="30b2df01a91b7db3a34b3d053757e8e1481c9d4c3e8d17c00b17271fb144fddf92de95798e4369153c17", 0x2a}], 0x6, 0x77aaf34, 0x1, 0x8) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='pagemap\x00') ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={0x0, 0x1, r0, 0x3, 0x80000}) r3 = creat(&(0x7f0000000140)='./file0\x00', 0x242) ftruncate(r3, 0x0) 09:36:02 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80321) 09:36:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f800002000400003000000000000000100000000000000", 0x2c}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:36:02 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 71) 09:36:02 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 73) 09:36:02 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3200, 0x1) [ 2989.926256] loop0: detected capacity change from 0 to 256 [ 2989.929250] loop2: detected capacity change from 0 to 288 [ 2989.942769] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2989.947884] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2989.960258] loop6: detected capacity change from 0 to 256 09:36:02 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000040)}) r1 = creat(&(0x7f00000003c0)='./file1\x00', 0x25) ftruncate(r1, 0x0) mq_timedreceive(r1, &(0x7f0000000400)=""/4096, 0x1000, 0x7, &(0x7f0000000000)={0x77359400}) pwritev2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000) r4 = socket$packet(0x11, 0x2, 0x300) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000001500)=@proc={0x10, 0x0, 0x25dfdbfb, 0x4000}, 0xc, &(0x7f0000001540), 0x0, &(0x7f0000001580)=ANY=[@ANYBLOB="34000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r3, @ANYBLOB="0010190018000100000001000000", @ANYRES32=r4, @ANYRES32=r0], 0x50, 0x20}, 0x20000800) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r5, &(0x7f00000002c0)=[{&(0x7f0000000100)='!', 0x1}, {&(0x7f0000000300)="5a0da54defebc11c67412e206069ea0f9e56e5a923712f67e9c478e3a59e3778155d0aed86ae7eb95f6978d267bfa05dc1a7baf52cd2981c7f5eb9e92dda4ecbc88e2cec6bce7bc48af0a1323659c8ed42902f1c6e349e62316b", 0x5a}, {&(0x7f0000000140)="c6c78522538e9a5e2e61fd643b5cd9dd5c987d2a6bd6594383451ffdedda3cca8d555189358efe7fdc5b4e8db73b78ac24b06daa4d9686596fd38505d7e5200b3b5df9686e2ae8bd8ea6482b4b9dcb54c4f3fe04c35ed8ab2fadcd699b5d8bd0a38a7d814c3f712c28c86cfb5c31fd66be2a272674c16d2277b9c78cfb77cc2b532af7058ad9cf601a28be38faa9aa0bcae6f095aa93450833b8a5", 0x9b}, {&(0x7f0000000200)="761fdde8bead64c0293307c87beb7c52f780797f8aef11fc7ee10360f040fa5b6999fab2a729a934c3321ed489d3009853a8d698b0e14a7a32f534fafcda7fd6f97dd27bf074f318ef04b642e0acb582ae2c2524999283f9575150800d8ea1be4f9f4edf2c5019d0861a34ee7040de461305f29ec85d58f1adce7260178808c6c6e40a922f", 0x85}], 0x4, 0x7ffff, 0x8, 0x4) dup2(r5, r0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) preadv(r0, &(0x7f0000000380)=[{&(0x7f0000001400)=""/95, 0x5f}], 0x1, 0x1f, 0x56a8) ioctl$BTRFS_IOC_QGROUP_LIMIT(r6, 0x8030942b, &(0x7f0000001480)={0x4, {0x20, 0x100000001, 0x6, 0x6, 0x400}}) mknodat$loop(r6, &(0x7f0000000040)='./file1\x00', 0x1000, 0x0) flock(r1, 0x8) 09:36:02 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3300, 0x1) 09:36:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, 0x0) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2990.024346] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2990.030434] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 2990.036380] FAULT_INJECTION: forcing a failure. [ 2990.036380] name failslab, interval 1, probability 0, space 0, times 0 [ 2990.037447] CPU: 0 UID: 0 PID: 17244 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2990.037465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2990.037474] Call Trace: [ 2990.037480] [ 2990.037485] dump_stack_lvl+0xfa/0x120 [ 2990.037509] should_fail_ex+0x4d7/0x5e0 [ 2990.037536] ? ext4_init_io_end+0x27/0x180 [ 2990.037550] should_failslab+0xc2/0x120 [ 2990.037572] kmem_cache_alloc_noprof+0x5f/0x470 [ 2990.037592] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2990.037610] ext4_init_io_end+0x27/0x180 [ 2990.037624] ext4_do_writepages+0xaa4/0x3230 [ 2990.037662] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2990.037688] ? lock_is_held_type+0x9e/0x120 [ 2990.037705] ext4_writepages+0x369/0x7a0 [ 2990.037724] ? __pfx_ext4_writepages+0x10/0x10 [ 2990.037741] ? __pfx_perf_trace_lock+0x10/0x10 [ 2990.037766] ? lock_release+0xc8/0x290 [ 2990.037782] ? do_raw_spin_unlock+0x53/0x220 [ 2990.037798] ? __pfx_ext4_writepages+0x10/0x10 [ 2990.037817] do_writepages+0x244/0x5c0 [ 2990.037837] filemap_fdatawrite_wbc+0x10b/0x150 [ 2990.037856] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 2990.037878] __filemap_fdatawrite_range+0xb9/0x100 [ 2990.037897] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2990.037948] ? jbd2_journal_stop+0x184/0xe20 [ 2990.037965] ? __pfx_ext4_orphan_del+0x10/0x10 [ 2990.037989] file_write_and_wait_range+0xcc/0x140 [ 2990.038010] ext4_sync_file+0x2eb/0xe30 [ 2990.038028] ? __pfx_ext4_sync_file+0x10/0x10 [ 2990.038047] vfs_fsync_range+0x13d/0x230 [ 2990.038068] iomap_dio_complete+0x6b8/0x9e0 [ 2990.038091] iomap_dio_rw+0x73/0xa0 [ 2990.038110] ext4_file_write_iter+0xe0b/0x1990 [ 2990.038135] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2990.038151] ? __kasan_kmalloc+0x7f/0x90 [ 2990.038164] ? trace_kmalloc+0x1f/0xb0 [ 2990.038176] ? __kmalloc_noprof+0x215/0x4b0 [ 2990.038192] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2990.038212] iter_file_splice_write+0x927/0x10c0 [ 2990.038239] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2990.038273] ? lock_is_held_type+0x9e/0x120 [ 2990.038285] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2990.038302] direct_splice_actor+0x192/0x7b0 [ 2990.038321] splice_direct_to_actor+0x347/0x9d0 [ 2990.038339] ? __pfx_direct_splice_actor+0x10/0x10 [ 2990.038359] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2990.038377] ? lock_acquire+0x15e/0x2f0 [ 2990.038393] do_splice_direct+0x179/0x250 [ 2990.038407] ? __pfx_do_splice_direct+0x10/0x10 [ 2990.038423] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2990.038440] ? security_file_permission+0x22/0x90 [ 2990.038459] do_sendfile+0xa8e/0xdc0 [ 2990.038482] ? __pfx_do_sendfile+0x10/0x10 [ 2990.038501] ? perf_trace_preemptirq_template+0x259/0x430 [ 2990.038527] __x64_sys_sendfile64+0x1d3/0x210 [ 2990.038540] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2990.038561] do_syscall_64+0xbf/0x360 [ 2990.038577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2990.038590] RIP: 0033:0x7f85c6477b19 [ 2990.038602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2990.038615] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2990.038627] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2990.038636] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2990.038643] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2990.038651] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2990.038659] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2990.038680] [ 2990.142736] loop2: detected capacity change from 0 to 288 09:36:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3f00, 0x1) 09:36:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, 0x0) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2990.225342] loop2: detected capacity change from 0 to 288 [ 2990.239527] loop0: detected capacity change from 0 to 256 09:36:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, 0x0) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2990.298314] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:02 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 72) [ 2990.318380] loop2: detected capacity change from 0 to 288 09:36:02 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 75) 09:36:02 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 74) 09:36:02 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80500) [ 2990.402058] loop6: detected capacity change from 0 to 256 [ 2990.454810] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:02 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 76) 09:36:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 2990.583638] FAULT_INJECTION: forcing a failure. [ 2990.583638] name failslab, interval 1, probability 0, space 0, times 0 [ 2990.585552] CPU: 1 UID: 0 PID: 17280 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2990.585584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2990.585597] Call Trace: [ 2990.585605] [ 2990.585615] dump_stack_lvl+0xfa/0x120 [ 2990.585649] should_fail_ex+0x4d7/0x5e0 [ 2990.585695] ? ext4_init_io_end+0x27/0x180 [ 2990.585719] should_failslab+0xc2/0x120 [ 2990.585755] kmem_cache_alloc_noprof+0x5f/0x470 [ 2990.585789] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2990.585821] ext4_init_io_end+0x27/0x180 [ 2990.585846] ext4_do_writepages+0xaa4/0x3230 [ 2990.585920] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2990.585967] ? lock_is_held_type+0x9e/0x120 [ 2990.585996] ext4_writepages+0x369/0x7a0 [ 2990.586030] ? __pfx_ext4_writepages+0x10/0x10 [ 2990.586061] ? __pfx_perf_trace_lock+0x10/0x10 [ 2990.586104] ? lock_release+0xc8/0x290 [ 2990.586130] ? do_raw_spin_unlock+0x53/0x220 [ 2990.586160] ? __pfx_ext4_writepages+0x10/0x10 [ 2990.586194] do_writepages+0x244/0x5c0 [ 2990.586228] filemap_fdatawrite_wbc+0x10b/0x150 [ 2990.586253] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 2990.586293] __filemap_fdatawrite_range+0xb9/0x100 [ 2990.586326] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2990.586358] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 2990.586441] ? jbd2_journal_stop+0x184/0xe20 [ 2990.586471] ? __pfx_ext4_orphan_del+0x10/0x10 [ 2990.586514] file_write_and_wait_range+0xcc/0x140 [ 2990.586551] ext4_sync_file+0x2eb/0xe30 [ 2990.586584] ? __pfx_ext4_sync_file+0x10/0x10 [ 2990.586619] vfs_fsync_range+0x13d/0x230 [ 2990.586655] iomap_dio_complete+0x6b8/0x9e0 [ 2990.586696] iomap_dio_rw+0x73/0xa0 [ 2990.586730] ext4_file_write_iter+0xe0b/0x1990 [ 2990.586775] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2990.586804] ? __kasan_kmalloc+0x7f/0x90 [ 2990.586826] ? trace_kmalloc+0x1f/0xb0 [ 2990.586846] ? __kmalloc_noprof+0x215/0x4b0 [ 2990.586875] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2990.586912] iter_file_splice_write+0x927/0x10c0 [ 2990.586961] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2990.587028] ? lock_is_held_type+0x9e/0x120 [ 2990.587049] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2990.587080] direct_splice_actor+0x192/0x7b0 [ 2990.587112] splice_direct_to_actor+0x347/0x9d0 [ 2990.587142] ? __pfx_direct_splice_actor+0x10/0x10 [ 2990.587177] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2990.587208] ? lock_acquire+0x15e/0x2f0 [ 2990.587238] do_splice_direct+0x179/0x250 [ 2990.587265] ? __pfx_do_splice_direct+0x10/0x10 [ 2990.587293] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2990.587324] ? security_file_permission+0x22/0x90 [ 2990.587357] do_sendfile+0xa8e/0xdc0 [ 2990.587397] ? __pfx_do_sendfile+0x10/0x10 [ 2990.587428] ? __fget_files+0x20d/0x3b0 [ 2990.587473] __x64_sys_sendfile64+0x1d3/0x210 [ 2990.587497] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2990.587534] do_syscall_64+0xbf/0x360 [ 2990.587562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2990.587586] RIP: 0033:0x7f7b6ab9db19 [ 2990.587604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2990.587626] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2990.587649] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 2990.587664] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2990.587678] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 2990.587692] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2990.587706] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 2990.587743] [ 2990.615149] FAULT_INJECTION: forcing a failure. [ 2990.615149] name failslab, interval 1, probability 0, space 0, times 0 [ 2990.622530] loop2: detected capacity change from 0 to 288 [ 2990.622599] CPU: 0 UID: 0 PID: 17279 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 2990.622618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2990.622627] Call Trace: [ 2990.622633] [ 2990.622639] dump_stack_lvl+0xfa/0x120 [ 2990.622664] should_fail_ex+0x4d7/0x5e0 [ 2990.622693] ? ext4_init_io_end+0x27/0x180 [ 2990.622710] should_failslab+0xc2/0x120 [ 2990.622733] kmem_cache_alloc_noprof+0x5f/0x470 [ 2990.622753] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 2990.622772] ext4_init_io_end+0x27/0x180 [ 2990.622786] ext4_do_writepages+0xaa4/0x3230 [ 2990.622825] ? __pfx_ext4_do_writepages+0x10/0x10 [ 2990.622851] ? lock_is_held_type+0x9e/0x120 [ 2990.622874] ext4_writepages+0x369/0x7a0 [ 2990.622893] ? __pfx_ext4_writepages+0x10/0x10 [ 2990.622910] ? __pfx_perf_trace_lock+0x10/0x10 [ 2990.622936] ? lock_release+0xc8/0x290 [ 2990.622952] ? do_raw_spin_unlock+0x53/0x220 [ 2990.622970] ? __pfx_ext4_writepages+0x10/0x10 [ 2990.622989] do_writepages+0x244/0x5c0 [ 2990.623009] filemap_fdatawrite_wbc+0x10b/0x150 [ 2990.623025] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 2990.623049] __filemap_fdatawrite_range+0xb9/0x100 [ 2990.623068] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 2990.623113] ? jbd2_journal_stop+0x184/0xe20 [ 2990.623132] ? __pfx_ext4_orphan_del+0x10/0x10 [ 2990.623157] file_write_and_wait_range+0xcc/0x140 [ 2990.623177] ext4_sync_file+0x2eb/0xe30 [ 2990.623196] ? __pfx_ext4_sync_file+0x10/0x10 [ 2990.623215] vfs_fsync_range+0x13d/0x230 [ 2990.623237] iomap_dio_complete+0x6b8/0x9e0 [ 2990.623260] iomap_dio_rw+0x73/0xa0 [ 2990.623279] ext4_file_write_iter+0xe0b/0x1990 [ 2990.623306] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 2990.623323] ? __kasan_kmalloc+0x7f/0x90 [ 2990.623337] ? trace_kmalloc+0x1f/0xb0 [ 2990.623349] ? __kmalloc_noprof+0x215/0x4b0 [ 2990.623365] ? splice_from_pipe_next.part.0+0x165/0x510 [ 2990.623387] iter_file_splice_write+0x927/0x10c0 [ 2990.623413] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2990.623448] ? lock_is_held_type+0x9e/0x120 [ 2990.623459] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2990.623476] direct_splice_actor+0x192/0x7b0 [ 2990.623495] splice_direct_to_actor+0x347/0x9d0 [ 2990.623511] ? __pfx_direct_splice_actor+0x10/0x10 [ 2990.623531] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2990.623549] ? lock_acquire+0x15e/0x2f0 [ 2990.623566] do_splice_direct+0x179/0x250 [ 2990.623581] ? __pfx_do_splice_direct+0x10/0x10 [ 2990.623596] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2990.623614] ? security_file_permission+0x22/0x90 [ 2990.623634] do_sendfile+0xa8e/0xdc0 [ 2990.623657] ? __pfx_do_sendfile+0x10/0x10 [ 2990.623674] ? __fget_files+0x20d/0x3b0 [ 2990.623700] __x64_sys_sendfile64+0x1d3/0x210 [ 2990.623714] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2990.623735] do_syscall_64+0xbf/0x360 [ 2990.623751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2990.623766] RIP: 0033:0x7f85c6477b19 [ 2990.623777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2990.623790] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2990.623803] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 2990.623812] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 2990.623820] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2990.623828] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 2990.623837] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 2990.623857] [ 2990.725055] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:13 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 75) 09:36:13 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 77) 09:36:13 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) ioctl$LOOP_SET_CAPACITY(r2, 0x4c07) 09:36:13 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x4000, 0x1) 09:36:13 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 73) 09:36:13 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:36:13 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80600) 09:36:13 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3800, 0x1) [ 3000.657000] loop0: detected capacity change from 0 to 256 [ 3000.659216] loop2: detected capacity change from 0 to 288 [ 3000.665762] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3000.671808] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3000.704190] loop6: detected capacity change from 0 to 256 09:36:13 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3902, 0x1) [ 3000.739147] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3000.776563] FAULT_INJECTION: forcing a failure. [ 3000.776563] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3000.778741] CPU: 1 UID: 0 PID: 17303 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3000.778776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3000.778792] Call Trace: [ 3000.778802] [ 3000.778813] dump_stack_lvl+0xfa/0x120 [ 3000.778850] should_fail_ex+0x4d7/0x5e0 [ 3000.778906] should_fail_alloc_page+0xe0/0x110 [ 3000.778952] prepare_alloc_pages+0x1af/0x500 [ 3000.778981] ? __pfx_perf_trace_lock+0x10/0x10 [ 3000.779017] alloc_pages_bulk_noprof+0x130/0xf20 [ 3000.779057] ? find_held_lock+0x2b/0x80 [ 3000.779101] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 3000.779134] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 3000.779181] ? __kasan_kmalloc+0x7f/0x90 [ 3000.779209] ? trace_kmalloc+0x1f/0xb0 [ 3000.779234] ? __kmalloc_noprof+0x215/0x4b0 [ 3000.779279] copy_splice_read+0x192/0xb70 [ 3000.779321] ? __pfx_copy_splice_read+0x10/0x10 [ 3000.779350] ? __pfx_perf_trace_lock+0x10/0x10 [ 3000.779391] ? find_held_lock+0x2b/0x80 [ 3000.779427] ? splice_direct_to_actor+0x347/0x9d0 [ 3000.779460] ? __pfx_copy_splice_read+0x10/0x10 [ 3000.779492] do_splice_read+0x1f8/0x2a0 [ 3000.779526] splice_direct_to_actor+0x2a8/0x9d0 [ 3000.779560] ? __pfx_direct_splice_actor+0x10/0x10 [ 3000.779600] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3000.779635] ? lock_acquire+0x15e/0x2f0 [ 3000.779669] do_splice_direct+0x179/0x250 [ 3000.779699] ? __pfx_do_splice_direct+0x10/0x10 [ 3000.779731] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3000.779767] ? security_file_permission+0x22/0x90 [ 3000.779804] do_sendfile+0xa8e/0xdc0 [ 3000.779849] ? __pfx_do_sendfile+0x10/0x10 [ 3000.779885] ? __fget_files+0x20d/0x3b0 [ 3000.779935] __x64_sys_sendfile64+0x1d3/0x210 [ 3000.779963] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3000.780004] do_syscall_64+0xbf/0x360 [ 3000.780036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3000.780063] RIP: 0033:0x7f7b6ab9db19 [ 3000.780084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3000.780109] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3000.780150] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3000.780168] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3000.780183] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3000.780201] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3000.780219] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3000.780259] [ 3000.877614] loop0: detected capacity change from 0 to 256 [ 3000.889802] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:24 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000080)={0x0, 0x3, 0x5c7, 0x7fff}) 09:36:24 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:36:24 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 78) 09:36:24 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 76) 09:36:24 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1) 09:36:24 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80900) 09:36:24 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3f00, 0x1) 09:36:24 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 74) [ 3011.726370] loop2: detected capacity change from 0 to 288 [ 3011.736995] loop0: detected capacity change from 0 to 256 [ 3011.737720] loop6: detected capacity change from 0 to 256 [ 3011.756838] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3011.759137] FAULT_INJECTION: forcing a failure. [ 3011.759137] name failslab, interval 1, probability 0, space 0, times 0 [ 3011.760237] CPU: 1 UID: 0 PID: 17327 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3011.760254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3011.760262] Call Trace: [ 3011.760267] [ 3011.760272] dump_stack_lvl+0xfa/0x120 [ 3011.760302] should_fail_ex+0x4d7/0x5e0 [ 3011.760326] ? copy_splice_read+0x15b/0xb70 [ 3011.760340] should_failslab+0xc2/0x120 [ 3011.760337] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3011.760360] __kmalloc_noprof+0xb4/0x4b0 [ 3011.760382] copy_splice_read+0x15b/0xb70 [ 3011.760396] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3011.760416] ? __pfx_copy_splice_read+0x10/0x10 [ 3011.760430] ? __pfx_perf_trace_lock+0x10/0x10 [ 3011.760451] ? find_held_lock+0x2b/0x80 [ 3011.760468] ? splice_direct_to_actor+0x347/0x9d0 [ 3011.760484] ? __pfx_copy_splice_read+0x10/0x10 [ 3011.760499] do_splice_read+0x1f8/0x2a0 [ 3011.760515] splice_direct_to_actor+0x2a8/0x9d0 [ 3011.760531] ? __pfx_direct_splice_actor+0x10/0x10 [ 3011.760549] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3011.760566] ? lock_acquire+0x15e/0x2f0 [ 3011.760582] do_splice_direct+0x179/0x250 [ 3011.760596] ? __pfx_do_splice_direct+0x10/0x10 [ 3011.760611] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3011.760628] ? security_file_permission+0x22/0x90 [ 3011.760646] do_sendfile+0xa8e/0xdc0 [ 3011.760668] ? __pfx_do_sendfile+0x10/0x10 [ 3011.760685] ? __fget_files+0x20d/0x3b0 [ 3011.760709] __x64_sys_sendfile64+0x1d3/0x210 [ 3011.760722] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3011.760742] do_syscall_64+0xbf/0x360 [ 3011.760757] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3011.760771] RIP: 0033:0x7f7b6ab9db19 [ 3011.760781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3011.760797] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3011.760810] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3011.760818] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3011.760826] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3011.760833] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3011.760841] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3011.760860] [ 3011.814404] FAULT_INJECTION: forcing a failure. [ 3011.814404] name failslab, interval 1, probability 0, space 0, times 0 [ 3011.815335] CPU: 1 UID: 0 PID: 17328 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) 09:36:24 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000240)={0x3, 0x3ff, 0x0, 0x5, 0x4, [{0x8, 0x9, 0x6, '\x00', 0x802}, {0x30000, 0x2, 0x7, '\x00', 0x180}, {0x20, 0x3, 0x800, '\x00', 0x3a82}, {0x10001, 0xda40, 0x7, '\x00', 0x100}]}) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x400000, 0x82) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r4, 0x89fa, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x4, 0x6, 0xa0, 0x444, 0x29, @private2={0xfc, 0x2, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x40, 0x8000, 0x1, 0x4}}) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r5, 0x0) [ 3011.815352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3011.815360] Call Trace: [ 3011.815364] [ 3011.815370] dump_stack_lvl+0xfa/0x120 [ 3011.815390] should_fail_ex+0x4d7/0x5e0 [ 3011.815413] ? iter_file_splice_write+0x1cd/0x10c0 [ 3011.815429] should_failslab+0xc2/0x120 [ 3011.815450] __kmalloc_noprof+0xb4/0x4b0 [ 3011.815473] iter_file_splice_write+0x1cd/0x10c0 [ 3011.815491] ? kfree+0x281/0x470 [ 3011.815505] ? copy_splice_read+0x83d/0xb70 [ 3011.815523] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3011.815540] ? __lock_acquire+0xc65/0x1b70 [ 3011.815569] ? lock_is_held_type+0x9e/0x120 [ 3011.815582] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3011.815599] direct_splice_actor+0x192/0x7b0 [ 3011.815616] splice_direct_to_actor+0x347/0x9d0 [ 3011.815632] ? __pfx_direct_splice_actor+0x10/0x10 [ 3011.815651] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3011.815668] ? lock_acquire+0x15e/0x2f0 [ 3011.815684] do_splice_direct+0x179/0x250 [ 3011.815699] ? __pfx_do_splice_direct+0x10/0x10 [ 3011.815714] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3011.815731] ? security_file_permission+0x22/0x90 [ 3011.815749] do_sendfile+0xa8e/0xdc0 [ 3011.815772] ? __pfx_do_sendfile+0x10/0x10 [ 3011.815789] ? __fget_files+0x20d/0x3b0 [ 3011.815813] __x64_sys_sendfile64+0x1d3/0x210 [ 3011.815826] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3011.815846] do_syscall_64+0xbf/0x360 [ 3011.815866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3011.815880] RIP: 0033:0x7f85c6477b19 [ 3011.815890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3011.815902] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3011.815914] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3011.815922] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3011.815930] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3011.815937] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3011.815945] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3011.815965] [ 3011.819912] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:24 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 77) [ 3011.890708] FAULT_INJECTION: forcing a failure. [ 3011.890708] name failslab, interval 1, probability 0, space 0, times 0 [ 3011.893012] CPU: 0 UID: 0 PID: 17336 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3011.893046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3011.893061] Call Trace: [ 3011.893070] [ 3011.893080] dump_stack_lvl+0xfa/0x120 [ 3011.893115] should_fail_ex+0x4d7/0x5e0 [ 3011.893165] ? ext4_init_io_end+0x27/0x180 [ 3011.893197] should_failslab+0xc2/0x120 [ 3011.893236] kmem_cache_alloc_noprof+0x5f/0x470 [ 3011.893272] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 3011.893307] ext4_init_io_end+0x27/0x180 [ 3011.893334] ext4_do_writepages+0xaa4/0x3230 [ 3011.893407] ? __pfx_ext4_do_writepages+0x10/0x10 [ 3011.893458] ? lock_is_held_type+0x9e/0x120 [ 3011.893489] ext4_writepages+0x369/0x7a0 [ 3011.893526] ? __pfx_ext4_writepages+0x10/0x10 [ 3011.893560] ? __pfx_perf_trace_lock+0x10/0x10 [ 3011.893607] ? lock_release+0xc8/0x290 [ 3011.893635] ? do_raw_spin_unlock+0x53/0x220 [ 3011.893667] ? __pfx_ext4_writepages+0x10/0x10 [ 3011.893704] do_writepages+0x244/0x5c0 [ 3011.893740] filemap_fdatawrite_wbc+0x10b/0x150 [ 3011.893768] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 3011.893810] __filemap_fdatawrite_range+0xb9/0x100 [ 3011.893845] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 3011.893888] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3011.893978] ? jbd2_journal_stop+0x184/0xe20 [ 3011.894010] ? __pfx_ext4_orphan_del+0x10/0x10 [ 3011.894056] file_write_and_wait_range+0xcc/0x140 [ 3011.894096] ext4_sync_file+0x2eb/0xe30 [ 3011.894132] ? __pfx_ext4_sync_file+0x10/0x10 [ 3011.894169] vfs_fsync_range+0x13d/0x230 [ 3011.894207] iomap_dio_complete+0x6b8/0x9e0 [ 3011.894252] iomap_dio_rw+0x73/0xa0 [ 3011.894288] ext4_file_write_iter+0xe0b/0x1990 [ 3011.894339] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3011.894369] ? __kasan_kmalloc+0x7f/0x90 [ 3011.894393] ? trace_kmalloc+0x1f/0xb0 [ 3011.894415] ? __kmalloc_noprof+0x215/0x4b0 [ 3011.894446] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3011.894486] iter_file_splice_write+0x927/0x10c0 [ 3011.894539] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3011.894607] ? lock_is_held_type+0x9e/0x120 [ 3011.894631] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3011.894664] direct_splice_actor+0x192/0x7b0 [ 3011.894699] splice_direct_to_actor+0x347/0x9d0 [ 3011.894731] ? __pfx_direct_splice_actor+0x10/0x10 [ 3011.894770] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3011.894803] ? lock_acquire+0x15e/0x2f0 [ 3011.894836] do_splice_direct+0x179/0x250 [ 3011.894865] ? __pfx_do_splice_direct+0x10/0x10 [ 3011.894895] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3011.894930] ? security_file_permission+0x22/0x90 [ 3011.894964] do_sendfile+0xa8e/0xdc0 [ 3011.895008] ? __pfx_do_sendfile+0x10/0x10 [ 3011.895042] ? __fget_files+0x20d/0x3b0 [ 3011.895090] __x64_sys_sendfile64+0x1d3/0x210 [ 3011.895116] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3011.895156] do_syscall_64+0xbf/0x360 [ 3011.895187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3011.895212] RIP: 0033:0x7fe5d2196b19 [ 3011.895231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3011.895255] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3011.895278] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3011.895295] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3011.895310] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3011.895325] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3011.895340] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3011.895381] 09:36:24 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 79) 09:36:24 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8004, 0x1) 09:36:24 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 3012.034257] FAULT_INJECTION: forcing a failure. [ 3012.034257] name failslab, interval 1, probability 0, space 0, times 0 [ 3012.035359] CPU: 1 UID: 0 PID: 17345 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3012.035376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3012.035384] Call Trace: [ 3012.035389] [ 3012.035394] dump_stack_lvl+0xfa/0x120 [ 3012.035415] should_fail_ex+0x4d7/0x5e0 [ 3012.035439] ? iter_file_splice_write+0x1cd/0x10c0 [ 3012.035455] should_failslab+0xc2/0x120 [ 3012.035476] __kmalloc_noprof+0xb4/0x4b0 [ 3012.035499] iter_file_splice_write+0x1cd/0x10c0 [ 3012.035517] ? kfree+0x281/0x470 [ 3012.035531] ? copy_splice_read+0x83d/0xb70 [ 3012.035550] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3012.035566] ? __lock_acquire+0xc65/0x1b70 [ 3012.035595] ? lock_is_held_type+0x9e/0x120 [ 3012.035608] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3012.035625] direct_splice_actor+0x192/0x7b0 [ 3012.035642] splice_direct_to_actor+0x347/0x9d0 [ 3012.035658] ? __pfx_direct_splice_actor+0x10/0x10 [ 3012.035678] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3012.035694] ? lock_acquire+0x15e/0x2f0 [ 3012.035710] do_splice_direct+0x179/0x250 [ 3012.035724] ? __pfx_do_splice_direct+0x10/0x10 [ 3012.035739] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3012.035756] ? security_file_permission+0x22/0x90 [ 3012.035774] do_sendfile+0xa8e/0xdc0 [ 3012.035797] ? __pfx_do_sendfile+0x10/0x10 [ 3012.035813] ? __fget_files+0x20d/0x3b0 [ 3012.035838] __x64_sys_sendfile64+0x1d3/0x210 [ 3012.035850] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3012.035874] do_syscall_64+0xbf/0x360 [ 3012.035890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3012.035906] RIP: 0033:0x7f85c6477b19 [ 3012.035916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3012.035928] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3012.035941] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3012.035950] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3012.035957] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3012.035964] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3012.035972] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3012.035992] [ 3012.076343] loop2: detected capacity change from 0 to 288 [ 3012.082240] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:24 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x4000, 0x1) [ 3012.136437] loop6: detected capacity change from 0 to 256 [ 3012.159244] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3012.225471] loop0: detected capacity change from 0 to 256 [ 3012.265441] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3012.330164] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:35 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 75) 09:36:35 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xf000, 0x1) 09:36:35 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 80) 09:36:35 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x26) ftruncate(r0, 0x0) 09:36:35 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 78) 09:36:35 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80a9f) 09:36:35 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1) 09:36:35 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) [ 3023.452534] loop2: detected capacity change from 0 to 288 [ 3023.453678] loop0: detected capacity change from 0 to 256 [ 3023.467018] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3023.467974] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3023.493241] loop6: detected capacity change from 0 to 256 [ 3023.511066] FAULT_INJECTION: forcing a failure. [ 3023.511066] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.512014] CPU: 1 UID: 0 PID: 17372 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3023.512031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.512039] Call Trace: [ 3023.512044] [ 3023.512050] dump_stack_lvl+0xfa/0x120 [ 3023.512071] should_fail_ex+0x4d7/0x5e0 [ 3023.512095] ? jbd2__journal_start+0x193/0x6b0 [ 3023.512108] should_failslab+0xc2/0x120 [ 3023.512129] kmem_cache_alloc_noprof+0x5f/0x470 [ 3023.512148] ? lock_is_held_type+0x9e/0x120 [ 3023.512165] jbd2__journal_start+0x193/0x6b0 [ 3023.512182] __ext4_journal_start_sb+0x325/0x5d0 [ 3023.512200] ? ext4_dirty_inode+0xa5/0x130 [ 3023.512222] ext4_dirty_inode+0xa5/0x130 [ 3023.512242] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 3023.512259] __mark_inode_dirty+0x1b7/0xd00 [ 3023.512283] generic_update_time+0xcb/0xf0 [ 3023.512304] file_modified+0x1f0/0x230 [ 3023.512317] ext4_file_write_iter+0xca3/0x1990 [ 3023.512342] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3023.512357] ? __kasan_kmalloc+0x7f/0x90 [ 3023.512370] ? trace_kmalloc+0x1f/0xb0 [ 3023.512381] ? __kmalloc_noprof+0x215/0x4b0 [ 3023.512397] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3023.512417] iter_file_splice_write+0x927/0x10c0 [ 3023.512444] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3023.512486] ? lock_is_held_type+0x9e/0x120 [ 3023.512497] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3023.512514] direct_splice_actor+0x192/0x7b0 [ 3023.512531] splice_direct_to_actor+0x347/0x9d0 [ 3023.512548] ? __pfx_direct_splice_actor+0x10/0x10 [ 3023.512567] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3023.512584] ? lock_acquire+0x15e/0x2f0 [ 3023.512602] do_splice_direct+0x179/0x250 [ 3023.512616] ? __pfx_do_splice_direct+0x10/0x10 [ 3023.512631] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3023.512649] ? security_file_permission+0x22/0x90 [ 3023.512667] do_sendfile+0xa8e/0xdc0 [ 3023.512689] ? __pfx_do_sendfile+0x10/0x10 [ 3023.512705] ? __fget_files+0x20d/0x3b0 [ 3023.512730] __x64_sys_sendfile64+0x1d3/0x210 [ 3023.512743] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3023.512763] do_syscall_64+0xbf/0x360 [ 3023.512778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3023.512792] RIP: 0033:0x7f85c6477b19 [ 3023.512802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.512814] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3023.512827] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3023.512835] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3023.512846] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.512856] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3023.512864] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3023.512884] [ 3023.536639] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:36 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8004, 0x1) 09:36:36 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x40000, 0x1) 09:36:36 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:36:36 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000180)) r2 = openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000200)) ftruncate(r1, 0x0) [ 3023.610206] FAULT_INJECTION: forcing a failure. [ 3023.610206] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.611896] CPU: 0 UID: 0 PID: 17379 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3023.611927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.611941] Call Trace: [ 3023.611951] [ 3023.611961] dump_stack_lvl+0xfa/0x120 [ 3023.611992] should_fail_ex+0x4d7/0x5e0 [ 3023.612035] ? ext4_init_io_end+0x27/0x180 [ 3023.612059] should_failslab+0xc2/0x120 [ 3023.612096] kmem_cache_alloc_noprof+0x5f/0x470 [ 3023.612130] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 3023.612162] ext4_init_io_end+0x27/0x180 [ 3023.612188] ext4_do_writepages+0xaa4/0x3230 [ 3023.612256] ? __pfx_ext4_do_writepages+0x10/0x10 [ 3023.612304] ? lock_is_held_type+0x9e/0x120 [ 3023.612333] ext4_writepages+0x369/0x7a0 [ 3023.612368] ? __pfx_ext4_writepages+0x10/0x10 [ 3023.612399] ? __pfx_perf_trace_lock+0x10/0x10 [ 3023.612443] ? lock_release+0xc8/0x290 [ 3023.612483] ? do_raw_spin_unlock+0x53/0x220 [ 3023.612515] ? __pfx_ext4_writepages+0x10/0x10 [ 3023.612549] do_writepages+0x244/0x5c0 [ 3023.612584] filemap_fdatawrite_wbc+0x10b/0x150 [ 3023.612609] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 3023.612650] __filemap_fdatawrite_range+0xb9/0x100 [ 3023.612683] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 3023.612716] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3023.612800] ? jbd2_journal_stop+0x184/0xe20 [ 3023.612830] ? __pfx_ext4_orphan_del+0x10/0x10 [ 3023.612880] file_write_and_wait_range+0xcc/0x140 [ 3023.612917] ext4_sync_file+0x2eb/0xe30 [ 3023.612950] ? __pfx_ext4_sync_file+0x10/0x10 [ 3023.612985] vfs_fsync_range+0x13d/0x230 [ 3023.613021] iomap_dio_complete+0x6b8/0x9e0 [ 3023.613062] iomap_dio_rw+0x73/0xa0 [ 3023.613096] ext4_file_write_iter+0xe0b/0x1990 [ 3023.613143] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3023.613171] ? __kasan_kmalloc+0x7f/0x90 [ 3023.613194] ? trace_kmalloc+0x1f/0xb0 [ 3023.613214] ? __kmalloc_noprof+0x215/0x4b0 [ 3023.613243] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3023.613280] iter_file_splice_write+0x927/0x10c0 [ 3023.613329] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3023.613392] ? lock_is_held_type+0x9e/0x120 [ 3023.613414] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3023.613445] direct_splice_actor+0x192/0x7b0 [ 3023.613478] splice_direct_to_actor+0x347/0x9d0 [ 3023.613508] ? __pfx_direct_splice_actor+0x10/0x10 [ 3023.613544] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3023.613575] ? lock_acquire+0x15e/0x2f0 [ 3023.613606] do_splice_direct+0x179/0x250 [ 3023.613633] ? __pfx_do_splice_direct+0x10/0x10 [ 3023.613661] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3023.613693] ? security_file_permission+0x22/0x90 [ 3023.613726] do_sendfile+0xa8e/0xdc0 [ 3023.613767] ? __pfx_do_sendfile+0x10/0x10 [ 3023.613798] ? __fget_files+0x20d/0x3b0 [ 3023.613843] __x64_sys_sendfile64+0x1d3/0x210 [ 3023.613867] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3023.613905] do_syscall_64+0xbf/0x360 [ 3023.613934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3023.613958] RIP: 0033:0x7fe5d2196b19 [ 3023.613976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.613998] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3023.614021] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3023.614036] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3023.614050] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.614064] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3023.614078] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3023.614116] [ 3023.678423] FAULT_INJECTION: forcing a failure. [ 3023.678423] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.679992] CPU: 0 UID: 0 PID: 17375 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3023.680022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.680035] Call Trace: [ 3023.680043] [ 3023.680053] dump_stack_lvl+0xfa/0x120 [ 3023.680080] should_fail_ex+0x4d7/0x5e0 [ 3023.680120] ? iter_file_splice_write+0x1cd/0x10c0 [ 3023.680146] should_failslab+0xc2/0x120 [ 3023.680181] __kmalloc_noprof+0xb4/0x4b0 [ 3023.680223] iter_file_splice_write+0x1cd/0x10c0 [ 3023.680256] ? kfree+0x281/0x470 [ 3023.680282] ? copy_splice_read+0x83d/0xb70 [ 3023.680317] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3023.680347] ? __lock_acquire+0xc65/0x1b70 [ 3023.680404] ? lock_is_held_type+0x9e/0x120 [ 3023.680425] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3023.680457] direct_splice_actor+0x192/0x7b0 [ 3023.680511] splice_direct_to_actor+0x347/0x9d0 [ 3023.680540] ? __pfx_direct_splice_actor+0x10/0x10 [ 3023.680576] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3023.680607] ? lock_acquire+0x15e/0x2f0 [ 3023.680637] do_splice_direct+0x179/0x250 [ 3023.680664] ? __pfx_do_splice_direct+0x10/0x10 [ 3023.680692] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3023.680724] ? security_file_permission+0x22/0x90 [ 3023.680754] do_sendfile+0xa8e/0xdc0 [ 3023.680793] ? __pfx_do_sendfile+0x10/0x10 [ 3023.680829] ? perf_trace_preemptirq_template+0x259/0x430 [ 3023.680879] __x64_sys_sendfile64+0x1d3/0x210 [ 3023.680903] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3023.680940] do_syscall_64+0xbf/0x360 [ 3023.680967] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3023.680990] RIP: 0033:0x7f7b6ab9db19 [ 3023.681007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.681029] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3023.681051] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3023.681066] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3023.681079] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.681094] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3023.681107] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3023.681144] [ 3023.701659] loop6: detected capacity change from 0 to 256 09:36:36 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 79) [ 3023.773554] loop0: detected capacity change from 0 to 256 [ 3023.795025] loop2: detected capacity change from 0 to 288 [ 3023.796360] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3023.802070] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3023.810903] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:36 executing program 1: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x1, 0x7e9}}, './file0\x00'}) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x478, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x64, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xeb4d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf3a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}]}, @TIPC_NLA_NODE={0xe0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "b5fd2fa8861c4966cb3751ae47ed9f2208588feb943cdeae78b604158b7c99"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_ID={0x81, 0x3, "af48a638484a09f53722f4fcdc1016b1d4c11d2c8db82eed2994ad75523eae06c4bac73e53bff813ffc9ee3d8b904914a58950f94a89083d59da17797a7e2c68f6617853acba61f57cee759d691081aa76c09f0b1d99c28829fd203730ad1a5076e08a37915529d2dded891e3e4a710c66c05caba2891efe6afa399b6e"}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x180}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7a5}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x25df2be6}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x81}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x34b}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x10001}]}, @TIPC_NLA_BEARER={0x1b4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @loopback}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x5, @empty, 0x7fff}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x7, @empty, 0x7fffffff}}, {0x14, 0x2, @in={0x2, 0x4e24, @loopback}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffff5b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x7, @mcast1, 0xfffffff8}}}}, @TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'bond_slave_1\x00'}}, @TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'veth0\x00'}}]}, @TIPC_NLA_MEDIA={0x68, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xba}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xa513}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x10001}]}, @TIPC_NLA_NET={0x68, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x100000000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6f0617eb}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2f504eb3}, @TIPC_NLA_NET_NODEID={0xc}]}]}, 0x478}, 0x1, 0x0, 0x0, 0x80}, 0x80) 09:36:36 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 81) 09:36:36 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xf000, 0x1) [ 3023.916047] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3023.938501] FAULT_INJECTION: forcing a failure. [ 3023.938501] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.939474] CPU: 1 UID: 0 PID: 17396 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3023.939491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.939500] Call Trace: [ 3023.939505] [ 3023.939511] dump_stack_lvl+0xfa/0x120 [ 3023.939532] should_fail_ex+0x4d7/0x5e0 [ 3023.939559] ? jbd2__journal_start+0x193/0x6b0 [ 3023.939573] should_failslab+0xc2/0x120 [ 3023.939594] kmem_cache_alloc_noprof+0x5f/0x470 [ 3023.939612] ? lock_is_held_type+0x9e/0x120 [ 3023.939629] jbd2__journal_start+0x193/0x6b0 [ 3023.939646] __ext4_journal_start_sb+0x325/0x5d0 [ 3023.939664] ? ext4_dirty_inode+0xa5/0x130 [ 3023.939687] ext4_dirty_inode+0xa5/0x130 [ 3023.939706] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 3023.939724] __mark_inode_dirty+0x1b7/0xd00 [ 3023.939748] generic_update_time+0xcb/0xf0 [ 3023.939769] file_modified+0x1f0/0x230 [ 3023.939783] ext4_file_write_iter+0xca3/0x1990 [ 3023.939808] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3023.939824] ? __kasan_kmalloc+0x7f/0x90 [ 3023.939836] ? trace_kmalloc+0x1f/0xb0 [ 3023.939847] ? __kmalloc_noprof+0x215/0x4b0 [ 3023.939867] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3023.939888] iter_file_splice_write+0x927/0x10c0 [ 3023.939914] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3023.939948] ? lock_is_held_type+0x9e/0x120 [ 3023.939959] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3023.939976] direct_splice_actor+0x192/0x7b0 [ 3023.939996] splice_direct_to_actor+0x347/0x9d0 [ 3023.940012] ? __pfx_direct_splice_actor+0x10/0x10 [ 3023.940031] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3023.940048] ? lock_acquire+0x15e/0x2f0 [ 3023.940066] do_splice_direct+0x179/0x250 [ 3023.940080] ? __pfx_do_splice_direct+0x10/0x10 [ 3023.940095] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3023.940113] ? security_file_permission+0x22/0x90 [ 3023.940131] do_sendfile+0xa8e/0xdc0 [ 3023.940153] ? __pfx_do_sendfile+0x10/0x10 [ 3023.940170] ? __fget_files+0x20d/0x3b0 [ 3023.940194] __x64_sys_sendfile64+0x1d3/0x210 [ 3023.940207] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3023.940228] do_syscall_64+0xbf/0x360 [ 3023.940243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3023.940257] RIP: 0033:0x7f85c6477b19 [ 3023.940267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.940279] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3023.940292] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3023.940300] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3023.940307] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.940315] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3023.940323] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3023.940343] [ 3023.985630] FAULT_INJECTION: forcing a failure. [ 3023.985630] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3023.987584] CPU: 0 UID: 0 PID: 17394 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3023.987616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.987630] Call Trace: [ 3023.987639] [ 3023.987649] dump_stack_lvl+0xfa/0x120 [ 3023.987681] should_fail_ex+0x4d7/0x5e0 [ 3023.987725] should_fail_alloc_page+0xe0/0x110 [ 3023.987765] prepare_alloc_pages+0x1af/0x500 [ 3023.987790] ? __pfx_perf_trace_lock+0x10/0x10 [ 3023.987823] alloc_pages_bulk_noprof+0x130/0xf20 [ 3023.987863] ? find_held_lock+0x2b/0x80 [ 3023.987902] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 3023.987931] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 3023.987974] ? __kasan_kmalloc+0x7f/0x90 [ 3023.987999] ? trace_kmalloc+0x1f/0xb0 [ 3023.988020] ? __kmalloc_noprof+0x215/0x4b0 [ 3023.988059] copy_splice_read+0x192/0xb70 [ 3023.988096] ? __pfx_copy_splice_read+0x10/0x10 [ 3023.988121] ? __pfx_perf_trace_lock+0x10/0x10 [ 3023.988158] ? find_held_lock+0x2b/0x80 [ 3023.988188] ? splice_direct_to_actor+0x347/0x9d0 [ 3023.988218] ? __pfx_copy_splice_read+0x10/0x10 [ 3023.988246] do_splice_read+0x1f8/0x2a0 [ 3023.988276] splice_direct_to_actor+0x2a8/0x9d0 [ 3023.988305] ? __pfx_direct_splice_actor+0x10/0x10 [ 3023.988341] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3023.988371] ? lock_acquire+0x15e/0x2f0 [ 3023.988401] do_splice_direct+0x179/0x250 [ 3023.988428] ? __pfx_do_splice_direct+0x10/0x10 [ 3023.988456] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3023.988502] ? security_file_permission+0x22/0x90 [ 3023.988535] do_sendfile+0xa8e/0xdc0 [ 3023.988575] ? __pfx_do_sendfile+0x10/0x10 [ 3023.988610] ? perf_trace_preemptirq_template+0x259/0x430 [ 3023.988653] __x64_sys_sendfile64+0x1d3/0x210 [ 3023.988677] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3023.988713] do_syscall_64+0xbf/0x360 [ 3023.988742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3023.988766] RIP: 0033:0x7f7b6ab9db19 [ 3023.988785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.988808] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3023.988831] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3023.988847] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3023.988861] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.988875] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3023.988889] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3023.988926] 09:36:36 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 76) 09:36:36 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80000, 0x1) 09:36:36 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:36:36 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80d00) 09:36:36 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 80) 09:36:36 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x5, &(0x7f0000000000)=[{0x5, 0x81, 0x52}, {0x4, 0x1, 0x4, 0xffffffff}, {0x1, 0x8, 0x81}, {0x401, 0x50, 0x7f, 0x4}, {0x7, 0x7, 0xe9, 0x9}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x2) ftruncate(r0, 0x0) [ 3024.194833] loop0: detected capacity change from 0 to 256 [ 3024.232448] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3024.237671] loop2: detected capacity change from 0 to 288 [ 3024.256467] loop6: detected capacity change from 0 to 256 [ 3024.263711] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3024.271653] FAULT_INJECTION: forcing a failure. [ 3024.271653] name failslab, interval 1, probability 0, space 0, times 0 [ 3024.272668] CPU: 1 UID: 0 PID: 17408 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3024.272686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3024.272693] Call Trace: [ 3024.272699] [ 3024.272704] dump_stack_lvl+0xfa/0x120 [ 3024.272725] should_fail_ex+0x4d7/0x5e0 [ 3024.272749] ? jbd2__journal_start+0x193/0x6b0 [ 3024.272763] should_failslab+0xc2/0x120 [ 3024.272784] kmem_cache_alloc_noprof+0x5f/0x470 [ 3024.272802] ? lock_is_held_type+0x9e/0x120 [ 3024.272819] jbd2__journal_start+0x193/0x6b0 [ 3024.272836] __ext4_journal_start_sb+0x325/0x5d0 [ 3024.272859] ? ext4_dirty_inode+0xa5/0x130 [ 3024.272882] ext4_dirty_inode+0xa5/0x130 [ 3024.272901] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 3024.272919] __mark_inode_dirty+0x1b7/0xd00 [ 3024.272943] generic_update_time+0xcb/0xf0 [ 3024.272968] file_modified+0x1f0/0x230 [ 3024.272981] ext4_file_write_iter+0xca3/0x1990 [ 3024.273007] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3024.273022] ? __kasan_kmalloc+0x7f/0x90 [ 3024.273035] ? trace_kmalloc+0x1f/0xb0 [ 3024.273046] ? __kmalloc_noprof+0x215/0x4b0 [ 3024.273062] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3024.273082] iter_file_splice_write+0x927/0x10c0 [ 3024.273109] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3024.273143] ? lock_is_held_type+0x9e/0x120 [ 3024.273154] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3024.273171] direct_splice_actor+0x192/0x7b0 [ 3024.273188] splice_direct_to_actor+0x347/0x9d0 [ 3024.273204] ? __pfx_direct_splice_actor+0x10/0x10 [ 3024.273224] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3024.273241] ? lock_acquire+0x15e/0x2f0 [ 3024.273259] do_splice_direct+0x179/0x250 [ 3024.273273] ? __pfx_do_splice_direct+0x10/0x10 [ 3024.273288] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3024.273306] ? security_file_permission+0x22/0x90 [ 3024.273324] do_sendfile+0xa8e/0xdc0 [ 3024.273346] ? __pfx_do_sendfile+0x10/0x10 [ 3024.273362] ? __fget_files+0x20d/0x3b0 [ 3024.273386] __x64_sys_sendfile64+0x1d3/0x210 [ 3024.273400] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3024.273419] do_syscall_64+0xbf/0x360 [ 3024.273435] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3024.273449] RIP: 0033:0x7f7b6ab9db19 [ 3024.273460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3024.273472] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3024.273485] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3024.273493] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3024.273502] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3024.273511] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3024.273519] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3024.273541] [ 3024.275920] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:47 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 82) 09:36:47 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80f00) 09:36:47 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x100000, 0x1) 09:36:47 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 77) 09:36:47 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:36:47 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x40000, 0x1) 09:36:47 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 81) 09:36:47 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file1\x00', 0x82) ftruncate(r0, 0x0) [ 3035.259790] loop6: detected capacity change from 0 to 256 [ 3035.276842] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3035.315411] loop0: detected capacity change from 0 to 256 [ 3035.332412] loop2: detected capacity change from 0 to 288 [ 3035.337386] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3035.384622] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3035.388136] FAULT_INJECTION: forcing a failure. [ 3035.388136] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3035.389990] CPU: 1 UID: 0 PID: 17435 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3035.390022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3035.390036] Call Trace: [ 3035.390045] [ 3035.390054] dump_stack_lvl+0xfa/0x120 [ 3035.390088] should_fail_ex+0x4d7/0x5e0 [ 3035.390131] should_fail_alloc_page+0xe0/0x110 [ 3035.390170] prepare_alloc_pages+0x1af/0x500 [ 3035.390195] ? __pfx_perf_trace_lock+0x10/0x10 [ 3035.390228] alloc_pages_bulk_noprof+0x130/0xf20 [ 3035.390261] ? find_held_lock+0x2b/0x80 [ 3035.390300] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 3035.390329] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 3035.390370] ? __kasan_kmalloc+0x7f/0x90 [ 3035.390393] ? trace_kmalloc+0x1f/0xb0 [ 3035.390414] ? __kmalloc_noprof+0x215/0x4b0 [ 3035.390452] copy_splice_read+0x192/0xb70 [ 3035.390490] ? __pfx_copy_splice_read+0x10/0x10 [ 3035.390515] ? __pfx_perf_trace_lock+0x10/0x10 [ 3035.390551] ? find_held_lock+0x2b/0x80 [ 3035.390581] ? splice_direct_to_actor+0x347/0x9d0 [ 3035.390610] ? __pfx_copy_splice_read+0x10/0x10 [ 3035.390638] do_splice_read+0x1f8/0x2a0 [ 3035.390668] splice_direct_to_actor+0x2a8/0x9d0 [ 3035.390697] ? __pfx_direct_splice_actor+0x10/0x10 [ 3035.390732] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3035.390762] ? lock_acquire+0x15e/0x2f0 [ 3035.390792] do_splice_direct+0x179/0x250 [ 3035.390818] ? __pfx_do_splice_direct+0x10/0x10 [ 3035.390846] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3035.390885] ? security_file_permission+0x22/0x90 [ 3035.390917] do_sendfile+0xa8e/0xdc0 [ 3035.390957] ? __pfx_do_sendfile+0x10/0x10 [ 3035.390988] ? __fget_files+0x20d/0x3b0 [ 3035.391032] __x64_sys_sendfile64+0x1d3/0x210 [ 3035.391056] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3035.391092] do_syscall_64+0xbf/0x360 [ 3035.391120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3035.391143] RIP: 0033:0x7fe5d2196b19 [ 3035.391161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3035.391183] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3035.391205] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3035.391221] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3035.391235] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3035.391249] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3035.391263] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3035.391299] 09:36:47 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x7fff, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {r1}}, './file0\x00'}) fdatasync(r1) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r2, 0x8040942d, &(0x7f0000000080)) 09:36:47 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x200000, 0x1) [ 3035.441215] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3035.442986] FAULT_INJECTION: forcing a failure. [ 3035.442986] name failslab, interval 1, probability 0, space 0, times 0 [ 3035.444764] CPU: 0 UID: 0 PID: 17437 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3035.444799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3035.444814] Call Trace: [ 3035.444824] [ 3035.444835] dump_stack_lvl+0xfa/0x120 [ 3035.444877] should_fail_ex+0x4d7/0x5e0 [ 3035.444923] ? jbd2__journal_start+0x193/0x6b0 [ 3035.444949] should_failslab+0xc2/0x120 [ 3035.444989] kmem_cache_alloc_noprof+0x5f/0x470 09:36:47 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80000, 0x1) [ 3035.445023] ? lock_is_held_type+0x9e/0x120 [ 3035.445057] jbd2__journal_start+0x193/0x6b0 [ 3035.445090] __ext4_journal_start_sb+0x325/0x5d0 [ 3035.445126] ? ext4_dirty_inode+0xa5/0x130 [ 3035.445170] ext4_dirty_inode+0xa5/0x130 [ 3035.445208] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 3035.445244] __mark_inode_dirty+0x1b7/0xd00 [ 3035.445290] generic_update_time+0xcb/0xf0 [ 3035.445330] file_modified+0x1f0/0x230 [ 3035.445357] ext4_file_write_iter+0xca3/0x1990 [ 3035.445406] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3035.445437] ? __kasan_kmalloc+0x7f/0x90 [ 3035.445462] ? trace_kmalloc+0x1f/0xb0 [ 3035.445484] ? __kmalloc_noprof+0x215/0x4b0 [ 3035.445516] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3035.445555] iter_file_splice_write+0x927/0x10c0 [ 3035.445609] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3035.445675] ? lock_is_held_type+0x9e/0x120 [ 3035.445699] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3035.445732] direct_splice_actor+0x192/0x7b0 [ 3035.445767] splice_direct_to_actor+0x347/0x9d0 [ 3035.445799] ? __pfx_direct_splice_actor+0x10/0x10 [ 3035.445837] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3035.445870] ? lock_acquire+0x15e/0x2f0 [ 3035.445904] do_splice_direct+0x179/0x250 [ 3035.445933] ? __pfx_do_splice_direct+0x10/0x10 [ 3035.445964] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3035.445998] ? security_file_permission+0x22/0x90 [ 3035.446034] do_sendfile+0xa8e/0xdc0 [ 3035.446077] ? __pfx_do_sendfile+0x10/0x10 [ 3035.446115] ? perf_trace_preemptirq_template+0x259/0x430 [ 3035.446164] __x64_sys_sendfile64+0x1d3/0x210 [ 3035.446190] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3035.446230] do_syscall_64+0xbf/0x360 [ 3035.446261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3035.446287] RIP: 0033:0x7f7b6ab9db19 [ 3035.446307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3035.446331] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3035.446356] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3035.446373] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3035.446387] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3035.446402] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3035.446418] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3035.446458] [ 3035.504471] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:48 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80, 0x1) 09:36:48 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 78) 09:36:48 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 83) [ 3035.749925] loop6: detected capacity change from 0 to 256 [ 3035.782454] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3035.796229] loop0: detected capacity change from 0 to 256 [ 3035.810568] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3035.840449] loop2: detected capacity change from 0 to 288 [ 3035.853635] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3035.954987] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3035.970590] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3036.009539] FAULT_INJECTION: forcing a failure. [ 3036.009539] name failslab, interval 1, probability 0, space 0, times 0 [ 3036.011609] CPU: 0 UID: 0 PID: 17454 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3036.011643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3036.011658] Call Trace: [ 3036.011667] [ 3036.011677] dump_stack_lvl+0xfa/0x120 [ 3036.011712] should_fail_ex+0x4d7/0x5e0 [ 3036.011757] ? iter_file_splice_write+0x1cd/0x10c0 [ 3036.011786] should_failslab+0xc2/0x120 [ 3036.011825] __kmalloc_noprof+0xb4/0x4b0 [ 3036.011877] iter_file_splice_write+0x1cd/0x10c0 [ 3036.011913] ? kfree+0x281/0x470 [ 3036.011941] ? copy_splice_read+0x83d/0xb70 [ 3036.011978] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3036.012011] ? __lock_acquire+0xc65/0x1b70 [ 3036.012068] ? lock_is_held_type+0x9e/0x120 [ 3036.012092] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3036.012125] direct_splice_actor+0x192/0x7b0 [ 3036.012160] splice_direct_to_actor+0x347/0x9d0 [ 3036.012191] ? __pfx_direct_splice_actor+0x10/0x10 [ 3036.012230] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3036.012263] ? lock_acquire+0x15e/0x2f0 [ 3036.012295] do_splice_direct+0x179/0x250 [ 3036.012323] ? __pfx_do_splice_direct+0x10/0x10 [ 3036.012354] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3036.012388] ? security_file_permission+0x22/0x90 [ 3036.012422] do_sendfile+0xa8e/0xdc0 [ 3036.012466] ? __pfx_do_sendfile+0x10/0x10 [ 3036.012499] ? __fget_files+0x20d/0x3b0 [ 3036.012547] __x64_sys_sendfile64+0x1d3/0x210 [ 3036.012573] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3036.012613] do_syscall_64+0xbf/0x360 [ 3036.012645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3036.012683] RIP: 0033:0x7fe5d2196b19 [ 3036.012702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3036.012725] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3036.012749] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3036.012766] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3036.012781] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3036.012796] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3036.012811] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3036.012851] [ 3036.137692] FAULT_INJECTION: forcing a failure. [ 3036.137692] name failslab, interval 1, probability 0, space 0, times 0 [ 3036.139361] CPU: 1 UID: 0 PID: 17457 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3036.139392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3036.139406] Call Trace: [ 3036.139415] [ 3036.139425] dump_stack_lvl+0xfa/0x120 [ 3036.139458] should_fail_ex+0x4d7/0x5e0 [ 3036.139501] ? jbd2__journal_start+0x193/0x6b0 [ 3036.139525] should_failslab+0xc2/0x120 [ 3036.139563] kmem_cache_alloc_noprof+0x5f/0x470 [ 3036.139594] ? lock_is_held_type+0x9e/0x120 [ 3036.139626] jbd2__journal_start+0x193/0x6b0 [ 3036.139657] __ext4_journal_start_sb+0x325/0x5d0 [ 3036.139691] ? ext4_file_write_iter+0xd74/0x1990 [ 3036.139727] ext4_file_write_iter+0xd74/0x1990 [ 3036.139774] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3036.139802] ? __kasan_kmalloc+0x7f/0x90 [ 3036.139825] ? trace_kmalloc+0x1f/0xb0 [ 3036.139845] ? __kmalloc_noprof+0x215/0x4b0 [ 3036.139882] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3036.139920] iter_file_splice_write+0x927/0x10c0 [ 3036.139970] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3036.140032] ? lock_is_held_type+0x9e/0x120 [ 3036.140054] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3036.140085] direct_splice_actor+0x192/0x7b0 [ 3036.140117] splice_direct_to_actor+0x347/0x9d0 [ 3036.140147] ? __pfx_direct_splice_actor+0x10/0x10 [ 3036.140183] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3036.140214] ? lock_acquire+0x15e/0x2f0 [ 3036.140246] do_splice_direct+0x179/0x250 [ 3036.140273] ? __pfx_do_splice_direct+0x10/0x10 [ 3036.140301] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3036.140333] ? security_file_permission+0x22/0x90 [ 3036.140366] do_sendfile+0xa8e/0xdc0 [ 3036.140406] ? __pfx_do_sendfile+0x10/0x10 [ 3036.140438] ? __fget_files+0x20d/0x3b0 [ 3036.140482] __x64_sys_sendfile64+0x1d3/0x210 [ 3036.140506] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3036.140544] do_syscall_64+0xbf/0x360 [ 3036.140572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3036.140596] RIP: 0033:0x7f85c6477b19 [ 3036.140614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3036.140637] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3036.140675] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3036.140690] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3036.140704] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3036.140718] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3036.140732] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3036.140770] 09:36:58 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 84) 09:36:58 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 79) 09:36:58 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000) ioctl$F2FS_IOC_DEFRAGMENT(r3, 0xc010f508, &(0x7f0000000180)={0x7fffffff, 0x5}) ftruncate(r1, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0}) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r5, r6, 0x0, 0x80000) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x1, r6, 0xffff}) 09:36:58 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x810b3) 09:36:58 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, 0x0, 0x80, 0x1) 09:36:58 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x400000, 0x1) 09:36:58 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x100000, 0x1) 09:36:58 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 82) [ 3045.659258] loop2: detected capacity change from 0 to 288 [ 3045.685830] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3045.706240] loop0: detected capacity change from 0 to 256 [ 3045.711053] loop6: detected capacity change from 0 to 256 [ 3045.733485] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3045.739638] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3045.790430] FAULT_INJECTION: forcing a failure. [ 3045.790430] name failslab, interval 1, probability 0, space 0, times 0 [ 3045.792408] CPU: 0 UID: 0 PID: 17475 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3045.792440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3045.792455] Call Trace: [ 3045.792464] [ 3045.792474] dump_stack_lvl+0xfa/0x120 [ 3045.792506] should_fail_ex+0x4d7/0x5e0 [ 3045.792550] ? jbd2__journal_start+0x193/0x6b0 [ 3045.792575] should_failslab+0xc2/0x120 [ 3045.792614] kmem_cache_alloc_noprof+0x5f/0x470 [ 3045.792646] ? lock_is_held_type+0x9e/0x120 [ 3045.792680] jbd2__journal_start+0x193/0x6b0 [ 3045.792713] __ext4_journal_start_sb+0x325/0x5d0 [ 3045.792749] ? ext4_file_write_iter+0xd74/0x1990 [ 3045.792787] ext4_file_write_iter+0xd74/0x1990 [ 3045.792849] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3045.792885] ? __kasan_kmalloc+0x7f/0x90 [ 3045.792909] ? trace_kmalloc+0x1f/0xb0 [ 3045.792931] ? __kmalloc_noprof+0x215/0x4b0 [ 3045.792962] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3045.793002] iter_file_splice_write+0x927/0x10c0 [ 3045.793055] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3045.793122] ? lock_is_held_type+0x9e/0x120 [ 3045.793146] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3045.793179] direct_splice_actor+0x192/0x7b0 [ 3045.793213] splice_direct_to_actor+0x347/0x9d0 [ 3045.793246] ? __pfx_direct_splice_actor+0x10/0x10 [ 3045.793284] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3045.793317] ? lock_acquire+0x15e/0x2f0 [ 3045.793351] do_splice_direct+0x179/0x250 [ 3045.793380] ? __pfx_do_splice_direct+0x10/0x10 [ 3045.793410] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3045.793445] ? security_file_permission+0x22/0x90 [ 3045.793479] do_sendfile+0xa8e/0xdc0 [ 3045.793522] ? __pfx_do_sendfile+0x10/0x10 [ 3045.793555] ? __fget_files+0x20d/0x3b0 [ 3045.793602] __x64_sys_sendfile64+0x1d3/0x210 [ 3045.793629] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3045.793669] do_syscall_64+0xbf/0x360 [ 3045.793699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3045.793724] RIP: 0033:0x7f85c6477b19 [ 3045.793744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3045.793768] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3045.793792] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3045.793809] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3045.793824] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3045.793839] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3045.793854] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3045.793894] [ 3045.852844] FAULT_INJECTION: forcing a failure. [ 3045.852844] name failslab, interval 1, probability 0, space 0, times 0 [ 3045.855185] CPU: 1 UID: 0 PID: 17478 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3045.855217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3045.855230] Call Trace: [ 3045.855239] [ 3045.855249] dump_stack_lvl+0xfa/0x120 [ 3045.855280] should_fail_ex+0x4d7/0x5e0 [ 3045.855322] ? iter_file_splice_write+0x1cd/0x10c0 [ 3045.855350] should_failslab+0xc2/0x120 [ 3045.855386] __kmalloc_noprof+0xb4/0x4b0 [ 3045.855441] iter_file_splice_write+0x1cd/0x10c0 [ 3045.855493] ? kfree+0x281/0x470 [ 3045.855526] ? copy_splice_read+0x83d/0xb70 [ 3045.855561] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3045.855591] ? __lock_acquire+0xc65/0x1b70 [ 3045.855644] ? lock_is_held_type+0x9e/0x120 [ 3045.855666] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3045.855697] direct_splice_actor+0x192/0x7b0 [ 3045.855730] splice_direct_to_actor+0x347/0x9d0 [ 3045.855759] ? __pfx_direct_splice_actor+0x10/0x10 [ 3045.855795] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3045.855825] ? lock_acquire+0x15e/0x2f0 [ 3045.855863] do_splice_direct+0x179/0x250 [ 3045.855890] ? __pfx_do_splice_direct+0x10/0x10 [ 3045.855918] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3045.855950] ? security_file_permission+0x22/0x90 [ 3045.855982] do_sendfile+0xa8e/0xdc0 [ 3045.856022] ? __pfx_do_sendfile+0x10/0x10 [ 3045.856053] ? __fget_files+0x20d/0x3b0 [ 3045.856097] __x64_sys_sendfile64+0x1d3/0x210 [ 3045.856122] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3045.856159] do_syscall_64+0xbf/0x360 [ 3045.856187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3045.856214] RIP: 0033:0x7fe5d2196b19 [ 3045.856234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3045.856256] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3045.856278] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3045.856294] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3045.856308] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3045.856322] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3045.856336] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3045.856373] [ 3045.916279] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:58 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, 0x0, 0x80, 0x1) 09:36:58 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 85) 09:36:58 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x200000, 0x1) 09:36:58 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 80) [ 3046.110242] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:58 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x600000, 0x1) [ 3046.219514] loop0: detected capacity change from 0 to 256 [ 3046.243951] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:36:58 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 83) [ 3046.285548] FAULT_INJECTION: forcing a failure. [ 3046.285548] name failslab, interval 1, probability 0, space 0, times 0 [ 3046.287518] CPU: 0 UID: 0 PID: 17492 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3046.287553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3046.287569] Call Trace: [ 3046.287579] [ 3046.287589] dump_stack_lvl+0xfa/0x120 [ 3046.287626] should_fail_ex+0x4d7/0x5e0 [ 3046.287676] ? jbd2__journal_start+0x193/0x6b0 [ 3046.287703] should_failslab+0xc2/0x120 [ 3046.287746] kmem_cache_alloc_noprof+0x5f/0x470 [ 3046.287782] ? lock_is_held_type+0x9e/0x120 09:36:58 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x81f00) [ 3046.287817] jbd2__journal_start+0x193/0x6b0 [ 3046.287852] __ext4_journal_start_sb+0x325/0x5d0 [ 3046.287904] ? ext4_dirty_inode+0xa5/0x130 [ 3046.287950] ext4_dirty_inode+0xa5/0x130 [ 3046.287991] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 3046.288028] __mark_inode_dirty+0x1b7/0xd00 [ 3046.288077] generic_update_time+0xcb/0xf0 [ 3046.288119] file_modified+0x1f0/0x230 [ 3046.288147] ext4_file_write_iter+0xca3/0x1990 [ 3046.288200] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3046.288232] ? __kasan_kmalloc+0x7f/0x90 [ 3046.288259] ? trace_kmalloc+0x1f/0xb0 [ 3046.288282] ? __kmalloc_noprof+0x215/0x4b0 [ 3046.288315] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3046.288357] iter_file_splice_write+0x927/0x10c0 [ 3046.288414] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3046.288485] ? lock_is_held_type+0x9e/0x120 [ 3046.288510] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3046.288545] direct_splice_actor+0x192/0x7b0 [ 3046.288582] splice_direct_to_actor+0x347/0x9d0 [ 3046.288616] ? __pfx_direct_splice_actor+0x10/0x10 [ 3046.288656] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3046.288691] ? lock_acquire+0x15e/0x2f0 [ 3046.288729] do_splice_direct+0x179/0x250 [ 3046.288759] ? __pfx_do_splice_direct+0x10/0x10 [ 3046.288791] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3046.288868] ? security_file_permission+0x22/0x90 [ 3046.288907] do_sendfile+0xa8e/0xdc0 [ 3046.288953] ? __pfx_do_sendfile+0x10/0x10 [ 3046.288988] ? __fget_files+0x20d/0x3b0 [ 3046.289039] __x64_sys_sendfile64+0x1d3/0x210 [ 3046.289067] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3046.289109] do_syscall_64+0xbf/0x360 [ 3046.289142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3046.289168] RIP: 0033:0x7fe5d2196b19 [ 3046.289189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3046.289213] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3046.289239] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3046.289256] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3046.289272] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3046.289288] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3046.289305] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3046.289347] [ 3046.363378] loop6: detected capacity change from 0 to 256 09:36:58 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, 0x0, 0x80, 0x1) [ 3046.369375] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3046.431014] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3046.481381] loop2: detected capacity change from 0 to 288 [ 3046.486520] FAULT_INJECTION: forcing a failure. [ 3046.486520] name failslab, interval 1, probability 0, space 0, times 0 [ 3046.488204] CPU: 1 UID: 0 PID: 17498 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3046.488235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3046.488249] Call Trace: [ 3046.488258] [ 3046.488267] dump_stack_lvl+0xfa/0x120 [ 3046.488301] should_fail_ex+0x4d7/0x5e0 [ 3046.488344] ? jbd2__journal_start+0x193/0x6b0 [ 3046.488368] should_failslab+0xc2/0x120 [ 3046.488406] kmem_cache_alloc_noprof+0x5f/0x470 [ 3046.488437] ? lock_is_held_type+0x9e/0x120 [ 3046.488469] jbd2__journal_start+0x193/0x6b0 [ 3046.488500] __ext4_journal_start_sb+0x325/0x5d0 [ 3046.488533] ? ext4_file_write_iter+0xd74/0x1990 [ 3046.488569] ext4_file_write_iter+0xd74/0x1990 [ 3046.488616] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3046.488644] ? __kasan_kmalloc+0x7f/0x90 [ 3046.488667] ? trace_kmalloc+0x1f/0xb0 [ 3046.488687] ? __kmalloc_noprof+0x215/0x4b0 [ 3046.488716] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3046.488755] iter_file_splice_write+0x927/0x10c0 [ 3046.488804] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3046.488884] ? lock_is_held_type+0x9e/0x120 [ 3046.488906] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3046.488937] direct_splice_actor+0x192/0x7b0 [ 3046.488970] splice_direct_to_actor+0x347/0x9d0 [ 3046.489000] ? __pfx_direct_splice_actor+0x10/0x10 [ 3046.489036] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3046.489067] ? lock_acquire+0x15e/0x2f0 [ 3046.489099] do_splice_direct+0x179/0x250 [ 3046.489126] ? __pfx_do_splice_direct+0x10/0x10 [ 3046.489154] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3046.489186] ? security_file_permission+0x22/0x90 [ 3046.489219] do_sendfile+0xa8e/0xdc0 [ 3046.489260] ? __pfx_do_sendfile+0x10/0x10 [ 3046.489291] ? __fget_files+0x20d/0x3b0 [ 3046.489336] __x64_sys_sendfile64+0x1d3/0x210 [ 3046.489360] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3046.489397] do_syscall_64+0xbf/0x360 [ 3046.489426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3046.489450] RIP: 0033:0x7f7b6ab9db19 [ 3046.489468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3046.489491] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3046.489513] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3046.489529] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3046.489543] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3046.489557] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3046.489571] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3046.489608] [ 3046.573741] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:09 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x82000) 09:37:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020", 0x4b, 0x12000}], 0x0, &(0x7f0000011200)) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) 09:37:09 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80ffff, 0x1) 09:37:09 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001a00), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000009000000faff010000000000050807000000cf1779870800132b0000d8c16f17f5e65509e47f79ed58f350ebe77d93af53c986f517052cdf9555be300a0198e4b7bcbae83dfd76fef1360a86f96754e43b3dce5ad902cdba5012e580523aa1b3903a6551de3a0da72b3cb30d4c7a3772e2c7c58965c37ca91ef88023e1c76ed48d02407c3a2a6eec84fb17eb8d1e810b1a930459e38aff325a1e1ff18cc68a7b8443360c74642305717cfa9ac3ceb380a13912c8d09442dad24a125be50527741cdb732f637fa649ecb320233cc61b5b3ef6982eeab8ea6f0b87dc56189911d36938742c972d528773ec1b9f2e2c37783352fd2143e8cd62703d2a331c53f2f05ffa9b2807000000608e99b38d9829b086e7520f4364f87d136c87bffb4291ac11b096c905fcdb6a194d018ebec5dab3f3d4fcdff5a3a422"], 0x2c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00'}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan1\x00'}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r2, 0x0) creat(&(0x7f0000000000)='./file1\x00', 0x4) 09:37:09 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 81) 09:37:09 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 84) 09:37:09 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 86) [ 3056.825144] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3056.832243] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 09:37:09 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x400000, 0x1) [ 3056.859252] loop6: detected capacity change from 0 to 256 [ 3056.873020] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3056.894053] loop2: detected capacity change from 0 to 288 09:37:09 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x89) signalfd4(r1, &(0x7f0000000080)={[0xbc7d]}, 0x8, 0x80800) [ 3056.911846] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3056.923173] loop0: detected capacity change from 0 to 256 09:37:09 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xc0ffff, 0x1) [ 3056.963356] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3056.986735] loop6: detected capacity change from 0 to 256 [ 3056.990196] FAULT_INJECTION: forcing a failure. [ 3056.990196] name failslab, interval 1, probability 0, space 0, times 0 [ 3056.992198] CPU: 1 UID: 0 PID: 17527 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3056.992232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3056.992246] Call Trace: [ 3056.992255] [ 3056.992265] dump_stack_lvl+0xfa/0x120 [ 3056.992299] should_fail_ex+0x4d7/0x5e0 [ 3056.992344] ? jbd2__journal_start+0x193/0x6b0 [ 3056.992369] should_failslab+0xc2/0x120 [ 3056.992409] kmem_cache_alloc_noprof+0x5f/0x470 [ 3056.992442] ? lock_is_held_type+0x9e/0x120 [ 3056.992475] jbd2__journal_start+0x193/0x6b0 [ 3056.992508] __ext4_journal_start_sb+0x325/0x5d0 [ 3056.992544] ? ext4_file_write_iter+0xd74/0x1990 [ 3056.992583] ext4_file_write_iter+0xd74/0x1990 [ 3056.992632] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3056.992663] ? __kasan_kmalloc+0x7f/0x90 [ 3056.992687] ? trace_kmalloc+0x1f/0xb0 [ 3056.992709] ? __kmalloc_noprof+0x215/0x4b0 [ 3056.992740] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3056.992781] iter_file_splice_write+0x927/0x10c0 [ 3056.992834] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3056.992908] ? lock_is_held_type+0x9e/0x120 [ 3056.992932] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3056.992965] direct_splice_actor+0x192/0x7b0 [ 3056.993012] splice_direct_to_actor+0x347/0x9d0 [ 3056.993044] ? __pfx_direct_splice_actor+0x10/0x10 [ 3056.993082] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3056.993116] ? lock_acquire+0x15e/0x2f0 [ 3056.993149] do_splice_direct+0x179/0x250 [ 3056.993178] ? __pfx_do_splice_direct+0x10/0x10 [ 3056.993208] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3056.993243] ? security_file_permission+0x22/0x90 [ 3056.993278] do_sendfile+0xa8e/0xdc0 [ 3056.993321] ? __pfx_do_sendfile+0x10/0x10 [ 3056.993355] ? __fget_files+0x20d/0x3b0 [ 3056.993403] __x64_sys_sendfile64+0x1d3/0x210 [ 3056.993429] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3056.993469] do_syscall_64+0xbf/0x360 [ 3056.993499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3056.993524] RIP: 0033:0x7f7b6ab9db19 [ 3056.993544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3056.993572] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3056.993596] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3056.993613] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3056.993628] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3056.993643] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3056.993658] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3056.993698] [ 3056.994615] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3057.090065] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:09 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x600000, 0x1) 09:37:09 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 85) 09:37:09 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 82) 09:37:09 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x2, 0x3, 0xff, 0x1}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) 09:37:09 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 87) 09:37:09 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xf0ffff, 0x1) [ 3057.287714] loop0: detected capacity change from 0 to 256 [ 3057.310806] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:09 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x820b3) [ 3057.354793] FAULT_INJECTION: forcing a failure. [ 3057.354793] name failslab, interval 1, probability 0, space 0, times 0 [ 3057.356699] CPU: 1 UID: 0 PID: 17544 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3057.356730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3057.356745] Call Trace: [ 3057.356753] [ 3057.356763] dump_stack_lvl+0xfa/0x120 [ 3057.356795] should_fail_ex+0x4d7/0x5e0 [ 3057.356840] should_failslab+0xc2/0x120 [ 3057.356884] __kmalloc_cache_noprof+0x73/0x470 [ 3057.356912] ? __ext4_journal_stop+0xe2/0x1f0 [ 3057.356944] ? ext4_file_write_iter+0xdbd/0x1990 [ 3057.356973] ? iter_file_splice_write+0x927/0x10c0 [ 3057.357013] ? direct_splice_actor+0x192/0x7b0 [ 3057.357037] ? splice_direct_to_actor+0x347/0x9d0 [ 3057.357061] ? __iomap_dio_rw+0x270/0x1cf0 [ 3057.357089] ? do_sendfile+0xa8e/0xdc0 [ 3057.357119] ? do_syscall_64+0xbf/0x360 [ 3057.357148] ? __iomap_dio_rw+0x270/0x1cf0 [ 3057.357177] __iomap_dio_rw+0x270/0x1cf0 09:37:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x4000, 0x1) [ 3057.357206] ? __pfx_perf_trace_lock+0x10/0x10 [ 3057.357240] ? lock_acquire+0x15e/0x2f0 [ 3057.357263] ? __virt_addr_valid+0x1c6/0x5d0 [ 3057.357302] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3057.357335] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3057.357372] ? lock_release+0xc8/0x290 [ 3057.357397] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3057.357434] ? mark_held_locks+0x49/0x80 [ 3057.357463] ? kasan_quarantine_put+0x84/0x1e0 [ 3057.357529] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3057.357556] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3057.357600] iomap_dio_rw+0x40/0xa0 [ 3057.357635] ext4_file_write_iter+0xe0b/0x1990 [ 3057.357682] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3057.357710] ? __kasan_kmalloc+0x7f/0x90 [ 3057.357733] ? trace_kmalloc+0x1f/0xb0 [ 3057.357753] ? __kmalloc_noprof+0x215/0x4b0 [ 3057.357782] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3057.357819] iter_file_splice_write+0x927/0x10c0 [ 3057.357868] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3057.357931] ? lock_is_held_type+0x9e/0x120 [ 3057.357953] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3057.357985] direct_splice_actor+0x192/0x7b0 [ 3057.358017] splice_direct_to_actor+0x347/0x9d0 [ 3057.358047] ? __pfx_direct_splice_actor+0x10/0x10 [ 3057.358083] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3057.358114] ? lock_acquire+0x15e/0x2f0 [ 3057.358144] do_splice_direct+0x179/0x250 [ 3057.358171] ? __pfx_do_splice_direct+0x10/0x10 [ 3057.358199] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3057.358231] ? security_file_permission+0x22/0x90 [ 3057.358263] do_sendfile+0xa8e/0xdc0 [ 3057.358303] ? __pfx_do_sendfile+0x10/0x10 [ 3057.358334] ? __fget_files+0x20d/0x3b0 [ 3057.358378] __x64_sys_sendfile64+0x1d3/0x210 [ 3057.358403] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3057.358440] do_syscall_64+0xbf/0x360 [ 3057.358467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3057.358491] RIP: 0033:0x7f7b6ab9db19 [ 3057.358510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3057.358532] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3057.358555] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3057.358571] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3057.358585] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3057.358598] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3057.358612] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3057.358650] [ 3057.487206] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3057.489175] loop2: detected capacity change from 0 to 256 [ 3057.530034] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3057.559758] loop6: detected capacity change from 0 to 256 [ 3057.584452] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:22 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x82103) 09:37:22 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 88) 09:37:22 executing program 2: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80070) 09:37:22 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 86) 09:37:22 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x6, 0x20, 0x1, 0xfa}, {0x5, 0xd0, 0x6, 0x4}]}) r0 = creat(&(0x7f0000000080)='./file0/file0\x00', 0x80) ftruncate(r0, 0x0) 09:37:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x1000000, 0x1) 09:37:22 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 83) 09:37:22 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80ffff, 0x1) [ 3069.833599] loop6: detected capacity change from 0 to 256 [ 3069.837091] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2000000, 0x1) [ 3069.856815] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3069.908471] loop6: detected capacity change from 0 to 256 [ 3069.929071] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3069.954798] FAULT_INJECTION: forcing a failure. [ 3069.954798] name failslab, interval 1, probability 0, space 0, times 0 [ 3069.955492] loop0: detected capacity change from 0 to 256 [ 3069.956617] CPU: 0 UID: 0 PID: 17577 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3069.956634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3069.956642] Call Trace: [ 3069.956647] [ 3069.956652] dump_stack_lvl+0xfa/0x120 [ 3069.956673] should_fail_ex+0x4d7/0x5e0 [ 3069.956697] ? ext4_init_io_end+0x27/0x180 [ 3069.956711] should_failslab+0xc2/0x120 [ 3069.956732] kmem_cache_alloc_noprof+0x5f/0x470 [ 3069.956750] ? ext4_ext_index_trans_blocks+0x160/0x1a0 [ 3069.956768] ext4_init_io_end+0x27/0x180 [ 3069.956782] ext4_do_writepages+0xaa4/0x3230 [ 3069.956819] ? __pfx_ext4_do_writepages+0x10/0x10 [ 3069.956844] ? lock_is_held_type+0x9e/0x120 [ 3069.956865] ext4_writepages+0x369/0x7a0 [ 3069.956886] ? __pfx_ext4_writepages+0x10/0x10 [ 3069.956903] ? __pfx_perf_trace_lock+0x10/0x10 [ 3069.956927] ? lock_release+0xc8/0x290 [ 3069.956942] ? do_raw_spin_unlock+0x53/0x220 [ 3069.956958] ? __pfx_ext4_writepages+0x10/0x10 [ 3069.956977] do_writepages+0x244/0x5c0 [ 3069.956996] filemap_fdatawrite_wbc+0x10b/0x150 [ 3069.957013] __filemap_fdatawrite_range+0xb9/0x100 [ 3069.957031] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 3069.957049] ? kasan_save_stack+0x34/0x50 [ 3069.957088] ? __create_object+0x59/0x80 [ 3069.957104] ? __kmalloc_cache_noprof+0x369/0x470 [ 3069.957119] ? __ext4_journal_stop+0xe2/0x1f0 [ 3069.957140] filemap_write_and_wait_range.part.0+0x89/0x110 [ 3069.957174] kiocb_invalidate_pages+0xe4/0x180 [ 3069.957193] __iomap_dio_rw+0xf9f/0x1cf0 [ 3069.957220] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3069.957240] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3069.957257] ? lock_release+0xc8/0x290 [ 3069.957270] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3069.957290] ? mark_held_locks+0x49/0x80 [ 3069.957306] ? kasan_quarantine_put+0x84/0x1e0 [ 3069.957342] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3069.957356] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3069.957380] iomap_dio_rw+0x40/0xa0 [ 3069.957399] ext4_file_write_iter+0xe0b/0x1990 [ 3069.957425] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3069.957440] ? __kasan_kmalloc+0x7f/0x90 [ 3069.957452] ? trace_kmalloc+0x1f/0xb0 [ 3069.957463] ? __kmalloc_noprof+0x215/0x4b0 [ 3069.957478] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3069.957499] iter_file_splice_write+0x927/0x10c0 [ 3069.957526] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3069.957559] ? lock_is_held_type+0x9e/0x120 [ 3069.957571] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3069.957588] direct_splice_actor+0x192/0x7b0 [ 3069.957606] splice_direct_to_actor+0x347/0x9d0 [ 3069.957622] ? __pfx_direct_splice_actor+0x10/0x10 [ 3069.957641] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3069.957658] ? lock_acquire+0x15e/0x2f0 [ 3069.957674] do_splice_direct+0x179/0x250 [ 3069.957689] ? __pfx_do_splice_direct+0x10/0x10 [ 3069.957704] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3069.957721] ? security_file_permission+0x22/0x90 [ 3069.957740] do_sendfile+0xa8e/0xdc0 [ 3069.957762] ? __pfx_do_sendfile+0x10/0x10 [ 3069.957781] ? perf_trace_preemptirq_template+0x259/0x430 [ 3069.957804] __x64_sys_sendfile64+0x1d3/0x210 [ 3069.957817] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3069.957837] do_syscall_64+0xbf/0x360 [ 3069.957853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3069.957867] RIP: 0033:0x7f7b6ab9db19 [ 3069.957877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3069.957890] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3069.957902] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3069.957911] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3069.957918] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3069.957926] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3069.957934] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3069.957954] [ 3070.012061] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3070.036266] FAULT_INJECTION: forcing a failure. [ 3070.036266] name failslab, interval 1, probability 0, space 0, times 0 [ 3070.038042] CPU: 1 UID: 0 PID: 17580 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3070.038074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3070.038089] Call Trace: [ 3070.038098] [ 3070.038108] dump_stack_lvl+0xfa/0x120 [ 3070.038143] should_fail_ex+0x4d7/0x5e0 [ 3070.038188] ? jbd2__journal_start+0x193/0x6b0 [ 3070.038213] should_failslab+0xc2/0x120 [ 3070.038253] kmem_cache_alloc_noprof+0x5f/0x470 [ 3070.038288] ? lock_is_held_type+0x9e/0x120 [ 3070.038321] jbd2__journal_start+0x193/0x6b0 [ 3070.038354] __ext4_journal_start_sb+0x325/0x5d0 [ 3070.038390] ? ext4_iomap_begin+0x5b8/0xe80 [ 3070.038432] ext4_iomap_begin+0x5b8/0xe80 [ 3070.038486] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3070.038534] ? __create_object+0x59/0x80 [ 3070.038563] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3070.038601] iomap_iter+0x54a/0xdb0 [ 3070.038642] __iomap_dio_rw+0x6ac/0x1cf0 [ 3070.038694] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3070.038732] ? lock_release+0xc8/0x290 [ 3070.038759] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3070.038808] ? kasan_quarantine_put+0x84/0x1e0 [ 3070.038886] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3070.038914] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3070.038960] iomap_dio_rw+0x40/0xa0 [ 3070.038998] ext4_file_write_iter+0xe0b/0x1990 [ 3070.039048] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3070.039078] ? __kasan_kmalloc+0x7f/0x90 [ 3070.039103] ? trace_kmalloc+0x1f/0xb0 [ 3070.039125] ? __kmalloc_noprof+0x215/0x4b0 [ 3070.039156] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3070.039196] iter_file_splice_write+0x927/0x10c0 [ 3070.039249] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3070.039316] ? lock_is_held_type+0x9e/0x120 [ 3070.039339] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3070.039373] direct_splice_actor+0x192/0x7b0 [ 3070.039407] splice_direct_to_actor+0x347/0x9d0 [ 3070.039439] ? __pfx_direct_splice_actor+0x10/0x10 [ 3070.039478] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3070.039511] ? lock_acquire+0x15e/0x2f0 [ 3070.039544] do_splice_direct+0x179/0x250 [ 3070.039573] ? __pfx_do_splice_direct+0x10/0x10 [ 3070.039603] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3070.039637] ? security_file_permission+0x22/0x90 [ 3070.039672] do_sendfile+0xa8e/0xdc0 [ 3070.039715] ? __pfx_do_sendfile+0x10/0x10 [ 3070.039749] ? __fget_files+0x20d/0x3b0 [ 3070.039796] __x64_sys_sendfile64+0x1d3/0x210 [ 3070.039822] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3070.039862] do_syscall_64+0xbf/0x360 [ 3070.039897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3070.039923] RIP: 0033:0x7f85c6477b19 [ 3070.039942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3070.039965] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3070.039989] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3070.040005] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3070.040020] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3070.040035] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3070.040049] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3070.040090] [ 3070.118359] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:31 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 84) 09:37:31 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3000000, 0x1) 09:37:31 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x82f00) 09:37:31 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 87) 09:37:31 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xc0ffff, 0x1) 09:37:31 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 89) 09:37:31 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:37:31 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x8001, 0x81, 0x1, 0x23c6800}, {0x6, 0x7, 0xa6, 0x3}, {0x9, 0x2, 0x8, 0x7}, {0x52da, 0xa3, 0x3f, 0x4}, {0xfd, 0xff, 0x8, 0x7}, {0xff7f, 0xa0, 0x5, 0x9}, {0x4, 0x1, 0x1f, 0x6}]}) ftruncate(r0, 0x0) listen(r0, 0xf1) [ 3079.179011] loop6: detected capacity change from 0 to 256 [ 3079.181014] loop2: detected capacity change from 0 to 256 [ 3079.192344] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.193774] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.240365] loop0: detected capacity change from 0 to 256 [ 3079.253550] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.258042] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.265576] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.293408] FAULT_INJECTION: forcing a failure. [ 3079.293408] name failslab, interval 1, probability 0, space 0, times 0 [ 3079.294332] CPU: 0 UID: 0 PID: 17608 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3079.294350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3079.294358] Call Trace: [ 3079.294364] [ 3079.294370] dump_stack_lvl+0xfa/0x120 [ 3079.294390] should_fail_ex+0x4d7/0x5e0 [ 3079.294415] ? jbd2__journal_start+0x193/0x6b0 [ 3079.294430] should_failslab+0xc2/0x120 [ 3079.294451] kmem_cache_alloc_noprof+0x5f/0x470 [ 3079.294468] ? lock_is_held_type+0x9e/0x120 [ 3079.294486] jbd2__journal_start+0x193/0x6b0 [ 3079.294503] __ext4_journal_start_sb+0x325/0x5d0 [ 3079.294522] ? ext4_file_write_iter+0xd74/0x1990 [ 3079.294542] ext4_file_write_iter+0xd74/0x1990 [ 3079.294568] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3079.294583] ? __kasan_kmalloc+0x7f/0x90 [ 3079.294595] ? trace_kmalloc+0x1f/0xb0 [ 3079.294607] ? __kmalloc_noprof+0x215/0x4b0 [ 3079.294623] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3079.294644] iter_file_splice_write+0x927/0x10c0 [ 3079.294671] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3079.294704] ? lock_is_held_type+0x9e/0x120 [ 3079.294716] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3079.294733] direct_splice_actor+0x192/0x7b0 [ 3079.294750] splice_direct_to_actor+0x347/0x9d0 [ 3079.294766] ? __pfx_direct_splice_actor+0x10/0x10 [ 3079.294786] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3079.294802] ? lock_acquire+0x15e/0x2f0 [ 3079.294821] do_splice_direct+0x179/0x250 [ 3079.294835] ? __pfx_do_splice_direct+0x10/0x10 [ 3079.294856] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3079.294873] ? security_file_permission+0x22/0x90 [ 3079.294891] do_sendfile+0xa8e/0xdc0 [ 3079.294913] ? __pfx_do_sendfile+0x10/0x10 [ 3079.294930] ? __fget_files+0x20d/0x3b0 [ 3079.294955] __x64_sys_sendfile64+0x1d3/0x210 [ 3079.294968] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3079.294988] do_syscall_64+0xbf/0x360 [ 3079.295005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3079.295018] RIP: 0033:0x7fe5d2196b19 [ 3079.295029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3079.295041] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3079.295053] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3079.295061] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3079.295069] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3079.295077] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3079.295084] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3079.295104] 09:37:31 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:37:31 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x4000000, 0x1) [ 3079.326706] FAULT_INJECTION: forcing a failure. [ 3079.326706] name failslab, interval 1, probability 0, space 0, times 0 [ 3079.328527] CPU: 1 UID: 0 PID: 17598 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3079.328559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3079.328574] Call Trace: [ 3079.328583] [ 3079.328593] dump_stack_lvl+0xfa/0x120 [ 3079.328627] should_fail_ex+0x4d7/0x5e0 [ 3079.328678] ? jbd2__journal_start+0x193/0x6b0 [ 3079.328703] should_failslab+0xc2/0x120 [ 3079.328741] kmem_cache_alloc_noprof+0x5f/0x470 [ 3079.328774] ? lock_is_held_type+0x9e/0x120 [ 3079.328806] jbd2__journal_start+0x193/0x6b0 [ 3079.328837] __ext4_journal_start_sb+0x325/0x5d0 [ 3079.328879] ? ext4_iomap_begin+0x5b8/0xe80 [ 3079.328917] ext4_iomap_begin+0x5b8/0xe80 [ 3079.328968] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3079.329013] ? __create_object+0x59/0x80 [ 3079.329041] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3079.329076] iomap_iter+0x54a/0xdb0 [ 3079.329115] __iomap_dio_rw+0x6ac/0x1cf0 [ 3079.329164] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3079.329199] ? lock_release+0xc8/0x290 [ 3079.329225] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3079.329271] ? kasan_quarantine_put+0x84/0x1e0 [ 3079.329350] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3079.329375] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3079.329419] iomap_dio_rw+0x40/0xa0 [ 3079.329454] ext4_file_write_iter+0xe0b/0x1990 [ 3079.329502] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3079.329530] ? __kasan_kmalloc+0x7f/0x90 [ 3079.329553] ? trace_kmalloc+0x1f/0xb0 [ 3079.329574] ? __kmalloc_noprof+0x215/0x4b0 [ 3079.329603] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3079.329642] iter_file_splice_write+0x927/0x10c0 [ 3079.329691] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3079.329753] ? lock_is_held_type+0x9e/0x120 [ 3079.329775] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3079.329806] direct_splice_actor+0x192/0x7b0 [ 3079.329838] splice_direct_to_actor+0x347/0x9d0 [ 3079.329868] ? __pfx_direct_splice_actor+0x10/0x10 [ 3079.329904] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3079.329935] ? lock_acquire+0x15e/0x2f0 [ 3079.329965] do_splice_direct+0x179/0x250 [ 3079.329992] ? __pfx_do_splice_direct+0x10/0x10 [ 3079.330020] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3079.330052] ? security_file_permission+0x22/0x90 [ 3079.330084] do_sendfile+0xa8e/0xdc0 [ 3079.330124] ? __pfx_do_sendfile+0x10/0x10 [ 3079.330155] ? __fget_files+0x20d/0x3b0 [ 3079.330200] __x64_sys_sendfile64+0x1d3/0x210 [ 3079.330225] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3079.330262] do_syscall_64+0xbf/0x360 [ 3079.330291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3079.330315] RIP: 0033:0x7f85c6477b19 [ 3079.330334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3079.330357] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3079.330379] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3079.330394] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3079.330407] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3079.330421] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3079.330435] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3079.330472] [ 3079.338420] loop6: detected capacity change from 0 to 256 09:37:31 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 85) 09:37:31 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xf0ffff, 0x1) 09:37:31 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x4, 0x0, 0x0, 0x401}, {0x3f, 0x5, 0x0, 0x8}, {0x3, 0x6b, 0x5, 0x5}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x80, 0x0) pwritev(r2, &(0x7f0000000600)=[{&(0x7f0000000480)="0732a0228c9c3155f1a5590112ee53433b9c594029a217fd90825fbe34e30eafdc3db89c53c876d8515e25a740b6ac", 0x2f}, {&(0x7f00000004c0)="ef09fe82dca8bbc5bd08c0c16d47afa91c4f91b21a0c8edf709a54b9a338a9fad527b5a3862ef0c53a3cff2495598217fa417dc228ae277755e346dd7cbc4480c023612cbf488d49b2a3088f54c1622213b5bf60e6042e9dea3ebc1975aba38082727e2e90266f137bfdc675051ce7b09372d77052029df5cfe0e7bf0cb45cb18ed35df22cad8883153c9cd41fe9e8ea50d18c33f5531ff5b9719a0357e63c6baf372fdbb129f06177c323655587a1e2014f1ef244e7b31613fa7529cfe0f5518b6e7aa05f09557c0e446e76f000b4edd18ffe6754da66e5d65376c5b236225b20fdb280a73128f3", 0xe8}, {&(0x7f00000005c0)}], 0x3, 0x7, 0x1) sendfile(r0, r1, 0x0, 0x80000) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r3, 0x8, 0x80000}) r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r4, 0x0) [ 3079.450841] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.453015] loop2: detected capacity change from 0 to 256 09:37:31 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 90) [ 3079.488036] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.526588] loop0: detected capacity change from 0 to 256 09:37:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x5000000, 0x1) [ 3079.552023] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.565755] FAULT_INJECTION: forcing a failure. [ 3079.565755] name failslab, interval 1, probability 0, space 0, times 0 09:37:32 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:37:32 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 88) [ 3079.567751] CPU: 1 UID: 0 PID: 17623 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3079.567782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3079.567796] Call Trace: [ 3079.567804] [ 3079.567814] dump_stack_lvl+0xfa/0x120 [ 3079.567848] should_fail_ex+0x4d7/0x5e0 [ 3079.567899] should_failslab+0xc2/0x120 [ 3079.567936] __kmalloc_cache_noprof+0x73/0x470 [ 3079.567964] ? __ext4_journal_stop+0xe2/0x1f0 [ 3079.567995] ? ext4_file_write_iter+0xdbd/0x1990 [ 3079.568024] ? iter_file_splice_write+0x927/0x10c0 [ 3079.568050] ? direct_splice_actor+0x192/0x7b0 [ 3079.568075] ? splice_direct_to_actor+0x347/0x9d0 [ 3079.568099] ? __iomap_dio_rw+0x270/0x1cf0 [ 3079.568128] ? do_sendfile+0xa8e/0xdc0 [ 3079.568157] ? do_syscall_64+0xbf/0x360 [ 3079.568187] ? __iomap_dio_rw+0x270/0x1cf0 [ 3079.568215] __iomap_dio_rw+0x270/0x1cf0 [ 3079.568245] ? __pfx_perf_trace_lock+0x10/0x10 [ 3079.568279] ? lock_acquire+0x15e/0x2f0 [ 3079.568302] ? __virt_addr_valid+0x1c6/0x5d0 [ 3079.568340] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3079.568374] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3079.568406] ? lock_release+0xc8/0x290 [ 3079.568430] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3079.568468] ? mark_held_locks+0x49/0x80 [ 3079.568497] ? kasan_quarantine_put+0x84/0x1e0 [ 3079.568563] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3079.568590] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3079.568634] iomap_dio_rw+0x40/0xa0 [ 3079.568669] ext4_file_write_iter+0xe0b/0x1990 [ 3079.568716] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3079.568744] ? __kasan_kmalloc+0x7f/0x90 [ 3079.568767] ? trace_kmalloc+0x1f/0xb0 [ 3079.568787] ? __kmalloc_noprof+0x215/0x4b0 [ 3079.568816] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3079.568853] iter_file_splice_write+0x927/0x10c0 [ 3079.568903] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3079.568966] ? lock_is_held_type+0x9e/0x120 [ 3079.568988] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3079.569019] direct_splice_actor+0x192/0x7b0 [ 3079.569052] splice_direct_to_actor+0x347/0x9d0 [ 3079.569081] ? __pfx_direct_splice_actor+0x10/0x10 [ 3079.569117] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3079.569148] ? lock_acquire+0x15e/0x2f0 [ 3079.569178] do_splice_direct+0x179/0x250 [ 3079.569205] ? __pfx_do_splice_direct+0x10/0x10 [ 3079.569233] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3079.569265] ? security_file_permission+0x22/0x90 [ 3079.569297] do_sendfile+0xa8e/0xdc0 [ 3079.569351] ? __pfx_do_sendfile+0x10/0x10 [ 3079.569382] ? __fget_files+0x20d/0x3b0 [ 3079.569427] __x64_sys_sendfile64+0x1d3/0x210 [ 3079.569451] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3079.569489] do_syscall_64+0xbf/0x360 [ 3079.569517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3079.569540] RIP: 0033:0x7fe5d2196b19 [ 3079.569559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3079.569581] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3079.569603] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3079.569618] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3079.569632] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3079.569645] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3079.569659] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3079.569697] [ 3079.625327] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:32 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x83000) 09:37:32 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x1000000, 0x1) 09:37:32 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 86) [ 3079.779214] loop6: detected capacity change from 0 to 256 [ 3079.797471] loop2: detected capacity change from 0 to 256 09:37:32 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 91) [ 3079.820396] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.823174] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.846587] loop0: detected capacity change from 0 to 256 [ 3079.873950] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.878995] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3079.914429] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3080.001188] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3080.371948] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 3080.373301] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 3080.374962] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 3080.375593] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 3080.376791] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 3080.378167] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 3080.378775] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 3080.380106] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 3081.589058] Bluetooth: hci0: command 0x0406 tx timeout [ 3082.421105] Bluetooth: hci1: command 0x0c1a tx timeout [ 3082.422926] Bluetooth: hci7: command 0x0406 tx timeout [ 3082.423966] Bluetooth: hci6: command 0x0406 tx timeout [ 3082.424981] Bluetooth: hci5: command 0x0406 tx timeout [ 3082.425998] Bluetooth: hci4: command 0x0406 tx timeout [ 3082.427007] Bluetooth: hci3: command 0x0406 tx timeout [ 3082.428011] Bluetooth: hci2: command 0x0406 tx timeout 09:37:42 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/101, 0x65}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000002400)=""/140, 0x8c}, {&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f0000000340)=""/89, 0x59}], 0x5, 0x5, 0x4) ftruncate(r0, 0x0) 09:37:42 executing program 2: mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:37:42 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2000000, 0x1) 09:37:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x6000000, 0x1) 09:37:42 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 89) 09:37:42 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 87) 09:37:42 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x830b3) 09:37:42 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 92) [ 3089.662194] loop0: detected capacity change from 0 to 256 [ 3089.687561] loop6: detected capacity change from 0 to 256 [ 3089.705122] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3089.724130] FAULT_INJECTION: forcing a failure. [ 3089.724130] name failslab, interval 1, probability 0, space 0, times 0 [ 3089.725106] CPU: 0 UID: 0 PID: 17669 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3089.725124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3089.725132] Call Trace: [ 3089.725137] [ 3089.725143] dump_stack_lvl+0xfa/0x120 [ 3089.725165] should_fail_ex+0x4d7/0x5e0 [ 3089.725189] ? ext4_mb_new_blocks+0x64e/0x4570 [ 3089.725206] should_failslab+0xc2/0x120 [ 3089.725228] kmem_cache_alloc_noprof+0x5f/0x470 [ 3089.725244] ? ext4_dirty_inode+0xf1/0x130 [ 3089.725264] ? __mark_inode_dirty+0x254/0xd00 [ 3089.725288] ext4_mb_new_blocks+0x64e/0x4570 [ 3089.725313] ? kasan_save_track+0x14/0x30 [ 3089.725326] ? __kasan_kmalloc+0x7f/0x90 [ 3089.725341] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 3089.725359] ? ext4_ext_search_right+0x2e8/0xbd0 [ 3089.725387] ext4_ext_map_blocks+0x1c55/0x5f30 [ 3089.725411] ? unwind_next_frame+0x3bc/0x2540 [ 3089.725429] ? do_syscall_64+0xbf/0x360 [ 3089.725443] ? perf_trace_lock_acquire+0xc9/0x700 [ 3089.725471] ? perf_trace_lock_acquire+0xc9/0x700 [ 3089.725489] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 3089.725512] ? lock_acquire+0x15e/0x2f0 [ 3089.725525] ? ext4_map_blocks+0x569/0x15a0 [ 3089.725551] ? __pfx_down_write+0x10/0x10 [ 3089.725565] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3089.725586] ext4_map_blocks+0x630/0x15a0 [ 3089.725608] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3089.725622] ? lock_is_held_type+0x9e/0x120 [ 3089.725639] ? jbd2__journal_start+0xf6/0x6b0 [ 3089.725656] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3089.725673] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3089.725690] ? ext4_iomap_begin+0x5b8/0xe80 [ 3089.725711] ext4_iomap_begin+0xa62/0xe80 [ 3089.725738] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3089.725762] ? __create_object+0x59/0x80 [ 3089.725778] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3089.725797] iomap_iter+0x54a/0xdb0 [ 3089.725819] __iomap_dio_rw+0x6ac/0x1cf0 [ 3089.725845] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3089.725869] ? lock_release+0xc8/0x290 [ 3089.725882] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3089.725907] ? kasan_quarantine_put+0x84/0x1e0 [ 3089.725943] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3089.725957] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3089.725981] iomap_dio_rw+0x40/0xa0 [ 3089.726000] ext4_file_write_iter+0xe0b/0x1990 [ 3089.726025] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3089.726041] ? __kasan_kmalloc+0x7f/0x90 [ 3089.726053] ? trace_kmalloc+0x1f/0xb0 [ 3089.726063] ? __kmalloc_noprof+0x215/0x4b0 [ 3089.726079] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3089.726099] iter_file_splice_write+0x927/0x10c0 [ 3089.726126] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3089.726160] ? lock_is_held_type+0x9e/0x120 [ 3089.726172] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3089.726188] direct_splice_actor+0x192/0x7b0 [ 3089.726206] splice_direct_to_actor+0x347/0x9d0 [ 3089.726222] ? __pfx_direct_splice_actor+0x10/0x10 [ 3089.726241] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3089.726258] ? lock_acquire+0x15e/0x2f0 [ 3089.726274] do_splice_direct+0x179/0x250 [ 3089.726288] ? __pfx_do_splice_direct+0x10/0x10 [ 3089.726303] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3089.726321] ? security_file_permission+0x22/0x90 [ 3089.726339] do_sendfile+0xa8e/0xdc0 [ 3089.726361] ? __pfx_do_sendfile+0x10/0x10 [ 3089.726380] ? perf_trace_preemptirq_template+0x259/0x430 [ 3089.726403] __x64_sys_sendfile64+0x1d3/0x210 [ 3089.726416] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3089.726437] do_syscall_64+0xbf/0x360 [ 3089.726451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3089.726465] RIP: 0033:0x7f7b6ab9db19 [ 3089.726475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3089.726487] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3089.726503] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3089.726512] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3089.726519] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3089.726526] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3089.726534] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3089.726555] [ 3089.776375] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:42 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000040)}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x3, 0x4, 0x13, 0x1}, {0x8, 0x6, 0xdb, 0x80000000}, {0x3f, 0x7, 0x0, 0x7}, {0x5, 0x6, 0x3, 0x7b64}, {0x2, 0xff, 0x2f, 0x400}, {0x1f, 0x40, 0x0, 0x5}]}) ftruncate(r0, 0x0) 09:37:42 executing program 2: mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3089.811326] FAULT_INJECTION: forcing a failure. [ 3089.811326] name failslab, interval 1, probability 0, space 0, times 0 [ 3089.812987] CPU: 1 UID: 0 PID: 17665 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3089.813021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3089.813036] Call Trace: [ 3089.813046] [ 3089.813059] dump_stack_lvl+0xfa/0x120 [ 3089.813097] should_fail_ex+0x4d7/0x5e0 [ 3089.813144] ? __es_insert_extent+0xed2/0x1370 [ 3089.813172] should_failslab+0xc2/0x120 [ 3089.813213] kmem_cache_alloc_noprof+0x5f/0x470 [ 3089.813248] ? __pfx___es_remove_extent+0x10/0x10 [ 3089.813276] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 3089.813314] __es_insert_extent+0xed2/0x1370 [ 3089.813364] ext4_es_insert_extent+0x4d0/0x1100 [ 3089.813408] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 3089.813442] ? percpu_counter_add_batch+0x126/0x240 [ 3089.813496] ? find_held_lock+0x2b/0x80 [ 3089.813535] ? lock_release+0xc8/0x290 [ 3089.813564] ? do_raw_read_unlock+0x44/0xe0 [ 3089.813598] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3089.813639] ext4_map_blocks+0x815/0x15a0 [ 3089.813684] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3089.813713] ? lock_is_held_type+0x9e/0x120 [ 3089.813747] ? jbd2__journal_start+0xf6/0x6b0 [ 3089.813780] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3089.813815] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3089.813849] ? ext4_iomap_begin+0x5b8/0xe80 [ 3089.813898] ext4_iomap_begin+0xa62/0xe80 [ 3089.813951] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3089.814000] ? __create_object+0x59/0x80 [ 3089.814030] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3089.814067] iomap_iter+0x54a/0xdb0 [ 3089.814109] __iomap_dio_rw+0x6ac/0x1cf0 [ 3089.814161] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3089.814198] ? lock_release+0xc8/0x290 [ 3089.814224] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3089.814274] ? kasan_quarantine_put+0x84/0x1e0 [ 3089.814345] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3089.814373] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3089.814421] iomap_dio_rw+0x40/0xa0 [ 3089.814458] ext4_file_write_iter+0xe0b/0x1990 [ 3089.814508] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3089.814539] ? __kasan_kmalloc+0x7f/0x90 [ 3089.814563] ? trace_kmalloc+0x1f/0xb0 [ 3089.814586] ? __kmalloc_noprof+0x215/0x4b0 [ 3089.814618] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3089.814659] iter_file_splice_write+0x927/0x10c0 [ 3089.814712] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3089.814778] ? lock_is_held_type+0x9e/0x120 [ 3089.814802] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3089.814835] direct_splice_actor+0x192/0x7b0 [ 3089.814870] splice_direct_to_actor+0x347/0x9d0 [ 3089.814903] ? __pfx_direct_splice_actor+0x10/0x10 [ 3089.814941] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3089.814975] ? lock_acquire+0x15e/0x2f0 [ 3089.815007] do_splice_direct+0x179/0x250 [ 3089.815036] ? __pfx_do_splice_direct+0x10/0x10 [ 3089.815066] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3089.815101] ? security_file_permission+0x22/0x90 [ 3089.815136] do_sendfile+0xa8e/0xdc0 [ 3089.815179] ? __pfx_do_sendfile+0x10/0x10 [ 3089.815213] ? __fget_files+0x20d/0x3b0 [ 3089.815261] __x64_sys_sendfile64+0x1d3/0x210 [ 3089.815288] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3089.815328] do_syscall_64+0xbf/0x360 [ 3089.815358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3089.815384] RIP: 0033:0x7f85c6477b19 [ 3089.815404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3089.815429] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3089.815453] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3089.815470] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3089.815485] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3089.815500] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3089.815515] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3089.815555] [ 3089.895141] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x7000000, 0x1) 09:37:42 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3000000, 0x1) [ 3089.961087] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:42 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 90) [ 3090.012704] loop6: detected capacity change from 0 to 256 09:37:42 executing program 2: mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3090.025979] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:42 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 88) [ 3090.114484] loop0: detected capacity change from 0 to 256 [ 3090.128056] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3090.174016] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:37:42 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 93) [ 3090.192054] FAULT_INJECTION: forcing a failure. [ 3090.192054] name failslab, interval 1, probability 0, space 0, times 0 [ 3090.193131] CPU: 0 UID: 0 PID: 17686 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3090.193148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3090.193157] Call Trace: [ 3090.193162] [ 3090.193167] dump_stack_lvl+0xfa/0x120 [ 3090.193187] should_fail_ex+0x4d7/0x5e0 [ 3090.193212] ? jbd2__journal_start+0x193/0x6b0 [ 3090.193226] should_failslab+0xc2/0x120 [ 3090.193247] kmem_cache_alloc_noprof+0x5f/0x470 [ 3090.193265] ? lock_is_held_type+0x9e/0x120 [ 3090.193282] jbd2__journal_start+0x193/0x6b0 [ 3090.193299] __ext4_journal_start_sb+0x325/0x5d0 [ 3090.193317] ? ext4_iomap_begin+0x5b8/0xe80 [ 3090.193338] ext4_iomap_begin+0x5b8/0xe80 [ 3090.193366] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3090.193390] ? __create_object+0x59/0x80 [ 3090.193405] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3090.193424] iomap_iter+0x54a/0xdb0 [ 3090.193446] __iomap_dio_rw+0x6ac/0x1cf0 [ 3090.193483] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3090.193503] ? lock_release+0xc8/0x290 [ 3090.193518] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3090.193543] ? kasan_quarantine_put+0x84/0x1e0 [ 3090.193578] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3090.193592] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3090.193616] iomap_dio_rw+0x40/0xa0 [ 3090.193635] ext4_file_write_iter+0xe0b/0x1990 [ 3090.193660] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3090.193676] ? __kasan_kmalloc+0x7f/0x90 [ 3090.193688] ? trace_kmalloc+0x1f/0xb0 [ 3090.193699] ? __kmalloc_noprof+0x215/0x4b0 [ 3090.193715] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3090.193736] iter_file_splice_write+0x927/0x10c0 [ 3090.193765] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3090.193801] ? lock_is_held_type+0x9e/0x120 [ 3090.193813] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3090.193830] direct_splice_actor+0x192/0x7b0 [ 3090.193851] splice_direct_to_actor+0x347/0x9d0 [ 3090.193867] ? __pfx_direct_splice_actor+0x10/0x10 [ 3090.193890] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3090.193907] ? lock_acquire+0x15e/0x2f0 [ 3090.193924] do_splice_direct+0x179/0x250 [ 3090.193938] ? __pfx_do_splice_direct+0x10/0x10 [ 3090.193954] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3090.193971] ? security_file_permission+0x22/0x90 [ 3090.193989] do_sendfile+0xa8e/0xdc0 [ 3090.194011] ? __pfx_do_sendfile+0x10/0x10 [ 3090.194027] ? __fget_files+0x20d/0x3b0 [ 3090.194052] __x64_sys_sendfile64+0x1d3/0x210 [ 3090.194065] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3090.194086] do_syscall_64+0xbf/0x360 [ 3090.194101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3090.194115] RIP: 0033:0x7fe5d2196b19 [ 3090.194125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3090.194138] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3090.194150] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3090.194158] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3090.194165] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3090.194173] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3090.194180] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3090.194200] [ 3090.255140] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3090.260794] FAULT_INJECTION: forcing a failure. [ 3090.260794] name failslab, interval 1, probability 0, space 0, times 0 [ 3090.262760] CPU: 1 UID: 0 PID: 17688 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3090.262793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3090.262809] Call Trace: [ 3090.262818] [ 3090.262828] dump_stack_lvl+0xfa/0x120 [ 3090.262870] should_fail_ex+0x4d7/0x5e0 [ 3090.262921] ? ext4_find_extent+0x7f5/0xa00 [ 3090.262946] should_failslab+0xc2/0x120 [ 3090.262986] __kmalloc_noprof+0xb4/0x4b0 [ 3090.263030] ext4_find_extent+0x7f5/0xa00 [ 3090.263064] ext4_ext_map_blocks+0x1cc/0x5f30 [ 3090.263109] ? unwind_next_frame+0x3bc/0x2540 [ 3090.263144] ? do_syscall_64+0xbf/0x360 [ 3090.263172] ? perf_trace_lock_acquire+0xc9/0x700 [ 3090.263202] ? perf_trace_lock_acquire+0xc9/0x700 [ 3090.263235] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 3090.263280] ? lock_acquire+0x15e/0x2f0 [ 3090.263305] ? ext4_map_blocks+0x569/0x15a0 [ 3090.263353] ? down_write+0x119/0x1f0 [ 3090.263381] ? __pfx_down_write+0x10/0x10 [ 3090.263405] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3090.263446] ext4_map_blocks+0x630/0x15a0 [ 3090.263489] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3090.263519] ? lock_is_held_type+0x9e/0x120 [ 3090.263551] ? jbd2__journal_start+0xf6/0x6b0 [ 3090.263585] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3090.263619] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3090.263654] ? ext4_iomap_begin+0x5b8/0xe80 [ 3090.263695] ext4_iomap_begin+0xa62/0xe80 [ 3090.263749] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3090.263797] ? __create_object+0x59/0x80 [ 3090.263827] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3090.263865] iomap_iter+0x54a/0xdb0 [ 3090.263914] __iomap_dio_rw+0x6ac/0x1cf0 [ 3090.263969] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3090.264008] ? lock_release+0xc8/0x290 [ 3090.264034] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3090.264083] ? kasan_quarantine_put+0x84/0x1e0 [ 3090.264154] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3090.264182] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3090.264230] iomap_dio_rw+0x40/0xa0 [ 3090.264267] ext4_file_write_iter+0xe0b/0x1990 [ 3090.264317] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3090.264348] ? __kasan_kmalloc+0x7f/0x90 [ 3090.264373] ? trace_kmalloc+0x1f/0xb0 [ 3090.264395] ? __kmalloc_noprof+0x215/0x4b0 [ 3090.264426] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3090.264467] iter_file_splice_write+0x927/0x10c0 [ 3090.264520] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3090.264586] ? lock_is_held_type+0x9e/0x120 [ 3090.264609] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3090.264643] direct_splice_actor+0x192/0x7b0 [ 3090.264677] splice_direct_to_actor+0x347/0x9d0 [ 3090.264709] ? __pfx_direct_splice_actor+0x10/0x10 [ 3090.264748] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3090.264781] ? lock_acquire+0x15e/0x2f0 [ 3090.264813] do_splice_direct+0x179/0x250 [ 3090.264842] ? __pfx_do_splice_direct+0x10/0x10 [ 3090.264873] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3090.264907] ? security_file_permission+0x22/0x90 [ 3090.264942] do_sendfile+0xa8e/0xdc0 [ 3090.264985] ? __pfx_do_sendfile+0x10/0x10 [ 3090.265019] ? __fget_files+0x20d/0x3b0 [ 3090.265067] __x64_sys_sendfile64+0x1d3/0x210 [ 3090.265093] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3090.265133] do_syscall_64+0xbf/0x360 [ 3090.265162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3090.265188] RIP: 0033:0x7f7b6ab9db19 [ 3090.265206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3090.265230] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3090.265254] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3090.265270] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3090.265285] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3090.265300] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3090.265315] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3090.265355] 09:37:52 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 94) 09:37:52 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8000000, 0x1) 09:37:52 executing program 1: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0xc0709411, &(0x7f0000000240)={{0x0, 0x100000001, 0x7, 0x8, 0x6, 0x9ac, 0x4, 0x101, 0x0, 0x7, 0x3, 0x8, 0xa5, 0x2, 0x20000}, 0x28, [0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18}, './file0\x00'}) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r4, 0x0) preadv(r3, &(0x7f0000000080)=[{&(0x7f0000000140)=""/250, 0xfa}], 0x1, 0x9, 0xdc) 09:37:52 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x4000000, 0x1) 09:37:52 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:37:52 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x83f00) 09:37:52 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 89) 09:37:52 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 91) [ 3100.093288] loop0: detected capacity change from 0 to 256 [ 3100.101402] loop6: detected capacity change from 0 to 256 [ 3100.132306] loop2: detected capacity change from 0 to 256 [ 3100.146338] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3100.150737] FAULT_INJECTION: forcing a failure. [ 3100.150737] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.151692] CPU: 0 UID: 0 PID: 17705 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3100.151710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3100.151718] Call Trace: [ 3100.151724] [ 3100.151730] dump_stack_lvl+0xfa/0x120 [ 3100.151751] should_fail_ex+0x4d7/0x5e0 [ 3100.151776] ? jbd2__journal_start+0x193/0x6b0 [ 3100.151790] should_failslab+0xc2/0x120 [ 3100.151812] kmem_cache_alloc_noprof+0x5f/0x470 [ 3100.151830] ? lock_is_held_type+0x9e/0x120 [ 3100.151852] jbd2__journal_start+0x193/0x6b0 [ 3100.151869] __ext4_journal_start_sb+0x325/0x5d0 [ 3100.151888] ? ext4_iomap_begin+0x5b8/0xe80 [ 3100.151910] ext4_iomap_begin+0x5b8/0xe80 [ 3100.151937] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3100.151961] ? __create_object+0x59/0x80 [ 3100.151977] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3100.151996] iomap_iter+0x54a/0xdb0 [ 3100.152018] __iomap_dio_rw+0x6ac/0x1cf0 [ 3100.152044] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3100.152064] ? lock_release+0xc8/0x290 [ 3100.152079] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3100.152104] ? kasan_quarantine_put+0x84/0x1e0 [ 3100.152140] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3100.152154] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3100.152178] iomap_dio_rw+0x40/0xa0 [ 3100.152197] ext4_file_write_iter+0xe0b/0x1990 [ 3100.152223] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3100.152238] ? __kasan_kmalloc+0x7f/0x90 [ 3100.152251] ? trace_kmalloc+0x1f/0xb0 [ 3100.152262] ? __kmalloc_noprof+0x215/0x4b0 [ 3100.152277] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3100.152298] iter_file_splice_write+0x927/0x10c0 [ 3100.152325] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3100.152359] ? lock_is_held_type+0x9e/0x120 [ 3100.152370] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3100.152387] direct_splice_actor+0x192/0x7b0 [ 3100.152405] splice_direct_to_actor+0x347/0x9d0 [ 3100.152421] ? __pfx_direct_splice_actor+0x10/0x10 [ 3100.152441] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3100.152458] ? lock_acquire+0x15e/0x2f0 [ 3100.152474] do_splice_direct+0x179/0x250 [ 3100.152488] ? __pfx_do_splice_direct+0x10/0x10 [ 3100.152504] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3100.152521] ? security_file_permission+0x22/0x90 [ 3100.152539] do_sendfile+0xa8e/0xdc0 [ 3100.152561] ? __pfx_do_sendfile+0x10/0x10 [ 3100.152577] ? __fget_files+0x20d/0x3b0 [ 3100.152603] __x64_sys_sendfile64+0x1d3/0x210 [ 3100.152616] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3100.152636] do_syscall_64+0xbf/0x360 [ 3100.152651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3100.152665] RIP: 0033:0x7fe5d2196b19 [ 3100.152675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.152687] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3100.152700] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3100.152708] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3100.152716] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3100.152723] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3100.152730] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3100.152751] [ 3100.194633] FAULT_INJECTION: forcing a failure. [ 3100.194633] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.195953] CPU: 0 UID: 0 PID: 17704 Comm: syz-executor.5 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3100.195971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3100.195979] Call Trace: [ 3100.195984] [ 3100.195989] dump_stack_lvl+0xfa/0x120 [ 3100.196006] should_fail_ex+0x4d7/0x5e0 [ 3100.196030] ? __es_insert_extent+0xed2/0x1370 [ 3100.196044] should_failslab+0xc2/0x120 [ 3100.196067] kmem_cache_alloc_noprof+0x5f/0x470 [ 3100.196084] ? __pfx___es_remove_extent+0x10/0x10 [ 3100.196098] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 3100.196117] __es_insert_extent+0xed2/0x1370 [ 3100.196142] ext4_es_insert_extent+0x4d0/0x1100 [ 3100.196165] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 3100.196180] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 3100.196198] ? percpu_counter_add_batch+0x126/0x240 [ 3100.196219] ? find_held_lock+0x2b/0x80 [ 3100.196237] ? lock_release+0xc8/0x290 [ 3100.196252] ? do_raw_read_unlock+0x44/0xe0 [ 3100.196268] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3100.196289] ext4_map_blocks+0x815/0x15a0 [ 3100.196312] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3100.196326] ? lock_is_held_type+0x9e/0x120 [ 3100.196343] ? jbd2__journal_start+0xf6/0x6b0 [ 3100.196360] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3100.196377] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3100.196394] ? ext4_iomap_begin+0x5b8/0xe80 [ 3100.196415] ext4_iomap_begin+0xa62/0xe80 [ 3100.196442] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3100.196466] ? __create_object+0x59/0x80 [ 3100.196480] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3100.196499] iomap_iter+0x54a/0xdb0 [ 3100.196521] __iomap_dio_rw+0x6ac/0x1cf0 [ 3100.196547] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3100.196566] ? lock_release+0xc8/0x290 [ 3100.196579] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3100.196604] ? kasan_quarantine_put+0x84/0x1e0 [ 3100.196640] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3100.196654] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3100.196678] iomap_dio_rw+0x40/0xa0 [ 3100.196697] ext4_file_write_iter+0xe0b/0x1990 [ 3100.196723] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3100.196738] ? __kasan_kmalloc+0x7f/0x90 [ 3100.196750] ? trace_kmalloc+0x1f/0xb0 [ 3100.196762] ? __kmalloc_noprof+0x215/0x4b0 [ 3100.196777] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3100.196798] iter_file_splice_write+0x927/0x10c0 [ 3100.196825] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3100.196863] ? lock_is_held_type+0x9e/0x120 [ 3100.196875] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3100.196892] direct_splice_actor+0x192/0x7b0 [ 3100.196909] splice_direct_to_actor+0x347/0x9d0 [ 3100.196926] ? __pfx_direct_splice_actor+0x10/0x10 [ 3100.196945] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3100.196962] ? lock_acquire+0x15e/0x2f0 [ 3100.196978] do_splice_direct+0x179/0x250 [ 3100.196993] ? __pfx_do_splice_direct+0x10/0x10 [ 3100.197008] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3100.197026] ? security_file_permission+0x22/0x90 [ 3100.197043] do_sendfile+0xa8e/0xdc0 [ 3100.197065] ? __pfx_do_sendfile+0x10/0x10 [ 3100.197084] ? perf_trace_preemptirq_template+0x259/0x430 [ 3100.197108] __x64_sys_sendfile64+0x1d3/0x210 [ 3100.197121] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3100.197120] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3100.197141] do_syscall_64+0xbf/0x360 [ 3100.197159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3100.197174] RIP: 0033:0x7f85c6477b19 [ 3100.197184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.197197] RSP: 002b:00007f85c39ed188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3100.197210] RAX: ffffffffffffffda RBX: 00007f85c658af60 RCX: 00007f85c6477b19 [ 3100.197218] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3100.197226] RBP: 00007f85c39ed1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3100.197234] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3100.197242] R13: 00007ffe15b6601f R14: 00007f85c39ed300 R15: 0000000000022000 [ 3100.197262] 09:37:52 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:37:52 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x5000000, 0x1) 09:37:52 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x84000) [ 3100.281323] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3100.287537] FAULT_INJECTION: forcing a failure. [ 3100.287537] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.288487] CPU: 0 UID: 0 PID: 17711 Comm: syz-executor.3 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3100.288504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3100.288512] Call Trace: [ 3100.288518] [ 3100.288523] dump_stack_lvl+0xfa/0x120 [ 3100.288544] should_fail_ex+0x4d7/0x5e0 [ 3100.288568] ? ext4_find_extent+0x7f5/0xa00 [ 3100.288581] should_failslab+0xc2/0x120 [ 3100.288602] __kmalloc_noprof+0xb4/0x4b0 [ 3100.288624] ext4_find_extent+0x7f5/0xa00 [ 3100.288642] ext4_ext_map_blocks+0x1cc/0x5f30 [ 3100.288665] ? unwind_next_frame+0x3bc/0x2540 [ 3100.288683] ? do_syscall_64+0xbf/0x360 [ 3100.288698] ? perf_trace_lock_acquire+0xc9/0x700 [ 3100.288713] ? perf_trace_lock_acquire+0xc9/0x700 [ 3100.288730] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 3100.288753] ? lock_acquire+0x15e/0x2f0 [ 3100.288766] ? ext4_map_blocks+0x569/0x15a0 [ 3100.288790] ? down_write+0x119/0x1f0 [ 3100.288804] ? __pfx_down_write+0x10/0x10 [ 3100.288816] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3100.288838] ext4_map_blocks+0x630/0x15a0 [ 3100.288864] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3100.288878] ? lock_is_held_type+0x9e/0x120 [ 3100.288899] ? jbd2__journal_start+0xf6/0x6b0 [ 3100.288916] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3100.288934] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3100.288951] ? ext4_iomap_begin+0x5b8/0xe80 [ 3100.288971] ext4_iomap_begin+0xa62/0xe80 [ 3100.288998] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3100.289022] ? __create_object+0x59/0x80 [ 3100.289039] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3100.289058] iomap_iter+0x54a/0xdb0 [ 3100.289080] __iomap_dio_rw+0x6ac/0x1cf0 [ 3100.289106] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3100.289126] ? lock_release+0xc8/0x290 [ 3100.289139] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3100.289164] ? kasan_quarantine_put+0x84/0x1e0 [ 3100.289200] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3100.289213] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3100.289238] iomap_dio_rw+0x40/0xa0 [ 3100.289257] ext4_file_write_iter+0xe0b/0x1990 [ 3100.289282] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3100.289298] ? __kasan_kmalloc+0x7f/0x90 [ 3100.289310] ? trace_kmalloc+0x1f/0xb0 [ 3100.289321] ? __kmalloc_noprof+0x215/0x4b0 [ 3100.289337] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3100.289358] iter_file_splice_write+0x927/0x10c0 [ 3100.289385] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3100.289419] ? lock_is_held_type+0x9e/0x120 [ 3100.289430] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3100.289447] direct_splice_actor+0x192/0x7b0 [ 3100.289465] splice_direct_to_actor+0x347/0x9d0 [ 3100.289480] ? __pfx_direct_splice_actor+0x10/0x10 [ 3100.289500] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3100.289517] ? lock_acquire+0x15e/0x2f0 [ 3100.289533] do_splice_direct+0x179/0x250 [ 3100.289548] ? __pfx_do_splice_direct+0x10/0x10 [ 3100.289563] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3100.289580] ? security_file_permission+0x22/0x90 [ 3100.289598] do_sendfile+0xa8e/0xdc0 [ 3100.289631] ? __pfx_do_sendfile+0x10/0x10 [ 3100.289648] ? __fget_files+0x20d/0x3b0 [ 3100.289673] __x64_sys_sendfile64+0x1d3/0x210 [ 3100.289686] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3100.289706] do_syscall_64+0xbf/0x360 [ 3100.289721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3100.289735] RIP: 0033:0x7f7b6ab9db19 [ 3100.289745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.289758] RSP: 002b:00007f7b68113188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3100.289770] RAX: ffffffffffffffda RBX: 00007f7b6acb0f60 RCX: 00007f7b6ab9db19 [ 3100.289779] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 3100.289787] RBP: 00007f7b681131d0 R08: 0000000000000000 R09: 0000000000000000 [ 3100.289795] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3100.289803] R13: 00007fff5dbbd44f R14: 00007f7b68113300 R15: 0000000000022000 [ 3100.289824] 09:37:52 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8040000, 0x1) [ 3100.426797] loop2: detected capacity change from 0 to 256 09:37:52 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 92) 09:37:52 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 90) 09:37:52 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 95) 09:37:52 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3100.555157] loop0: detected capacity change from 0 to 256 [ 3100.557524] loop6: detected capacity change from 0 to 256 [ 3100.579986] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3100.582307] FAULT_INJECTION: forcing a failure. [ 3100.582307] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.583282] CPU: 0 UID: 0 PID: 17734 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3100.583298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3100.583306] Call Trace: [ 3100.583312] [ 3100.583317] dump_stack_lvl+0xfa/0x120 [ 3100.583339] should_fail_ex+0x4d7/0x5e0 [ 3100.583363] ? ext4_find_extent+0x7f5/0xa00 [ 3100.583376] should_failslab+0xc2/0x120 [ 3100.583398] __kmalloc_noprof+0xb4/0x4b0 [ 3100.583421] ext4_find_extent+0x7f5/0xa00 [ 3100.583438] ext4_ext_map_blocks+0x1cc/0x5f30 [ 3100.583462] ? unwind_next_frame+0x3bc/0x2540 [ 3100.583480] ? do_syscall_64+0xbf/0x360 [ 3100.583495] ? perf_trace_lock_acquire+0xc9/0x700 [ 3100.583511] ? perf_trace_lock_acquire+0xc9/0x700 [ 3100.583528] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 3100.583551] ? lock_acquire+0x15e/0x2f0 [ 3100.583564] ? ext4_map_blocks+0x569/0x15a0 [ 3100.583589] ? down_write+0x119/0x1f0 [ 3100.583604] ? __pfx_down_write+0x10/0x10 [ 3100.583616] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3100.583637] ext4_map_blocks+0x630/0x15a0 [ 3100.583659] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3100.583673] ? lock_is_held_type+0x9e/0x120 [ 3100.583690] ? jbd2__journal_start+0xf6/0x6b0 [ 3100.583707] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3100.583725] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3100.583741] ? ext4_iomap_begin+0x5b8/0xe80 [ 3100.583762] ext4_iomap_begin+0xa62/0xe80 [ 3100.583789] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3100.583814] ? __create_object+0x59/0x80 [ 3100.583829] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3100.583852] iomap_iter+0x54a/0xdb0 [ 3100.583874] __iomap_dio_rw+0x6ac/0x1cf0 [ 3100.583901] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3100.583920] ? lock_release+0xc8/0x290 [ 3100.583933] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3100.583959] ? kasan_quarantine_put+0x84/0x1e0 [ 3100.583995] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3100.584009] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3100.584034] iomap_dio_rw+0x40/0xa0 [ 3100.584053] ext4_file_write_iter+0xe0b/0x1990 [ 3100.584078] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3100.584093] ? __kasan_kmalloc+0x7f/0x90 [ 3100.584106] ? trace_kmalloc+0x1f/0xb0 [ 3100.584117] ? __kmalloc_noprof+0x215/0x4b0 [ 3100.584132] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3100.584153] iter_file_splice_write+0x927/0x10c0 [ 3100.584180] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3100.584214] ? lock_is_held_type+0x9e/0x120 [ 3100.584226] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3100.584242] direct_splice_actor+0x192/0x7b0 [ 3100.584260] splice_direct_to_actor+0x347/0x9d0 [ 3100.584276] ? __pfx_direct_splice_actor+0x10/0x10 [ 3100.584295] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3100.584305] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3100.584313] ? lock_acquire+0x15e/0x2f0 [ 3100.584332] do_splice_direct+0x179/0x250 [ 3100.584349] ? __pfx_do_splice_direct+0x10/0x10 [ 3100.584365] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3100.584383] ? security_file_permission+0x22/0x90 [ 3100.584402] do_sendfile+0xa8e/0xdc0 [ 3100.584424] ? __pfx_do_sendfile+0x10/0x10 [ 3100.584441] ? __fget_files+0x20d/0x3b0 [ 3100.584467] __x64_sys_sendfile64+0x1d3/0x210 [ 3100.584481] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3100.584501] do_syscall_64+0xbf/0x360 [ 3100.584517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3100.584530] RIP: 0033:0x7fe5d2196b19 [ 3100.584541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.584553] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3100.584565] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3100.584574] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3100.584582] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3100.584590] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3100.584597] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3100.584618] 09:37:53 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:37:53 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 91) 09:37:53 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x6000000, 0x1) 09:37:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x9000000, 0x1) [ 3100.864276] loop6: detected capacity change from 0 to 256 09:37:53 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 93) [ 3100.869790] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3100.905398] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3100.923065] loop0: detected capacity change from 0 to 256 [ 3100.951114] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3101.045556] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:05 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 94) 09:38:05 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x840b3) 09:38:05 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)="83", 0x1}], 0x1, 0x7ffff, 0x0, 0x4) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0) r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) sendfile(r4, r3, &(0x7f0000000380)=0x9, 0xffff) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) futimesat(r3, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={{r5, r6/1000+60000}, {0x77359400}}) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000400)={0xe7a, 0x5, 0x5, 0x1, 0x2, [{0x10001, 0x8, 0x0, '\x00', 0x1000}, {0x68a, 0x2, 0x80, '\x00', 0x180}]}) creat(&(0x7f0000000180)='./file0\x00', 0x80) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={0x0, 0x2, r2, 0x5, 0x80000}) ftruncate(r0, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = fsmount(r1, 0x1, 0xf5) sendfile(0xffffffffffffffff, r1, &(0x7f0000000340)=0x7, 0x0) futimesat(r8, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={{0x0, 0xea60}}) ioctl$BTRFS_IOC_GET_FEATURES(r7, 0x80189439, &(0x7f0000000140)) 09:38:05 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xd000000, 0x1) 09:38:05 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:38:05 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 96) 09:38:05 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 92) 09:38:05 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x7000000, 0x1) [ 3112.769102] loop6: detected capacity change from 0 to 256 [ 3112.780673] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3112.856222] loop2: detected capacity change from 0 to 256 [ 3112.863905] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:05 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xffffff6, 0x1) [ 3112.880256] loop0: detected capacity change from 0 to 256 [ 3112.899714] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:05 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3113.007717] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3113.009423] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3113.010467] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3113.011687] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3113.012947] blk_print_req_error: 113 callbacks suppressed [ 3113.012964] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0 [ 3113.016038] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3113.016847] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 3113.018754] buffer_io_error: 118 callbacks suppressed [ 3113.018769] Buffer I/O error on dev sr0, logical block 0, async page read [ 3113.055822] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3113.067538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3113.068395] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 3113.069750] Buffer I/O error on dev sr0, logical block 1, async page read 09:38:05 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8000000, 0x1) [ 3113.098173] loop6: detected capacity change from 0 to 256 [ 3113.103719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3113.104948] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 3113.106393] Buffer I/O error on dev sr0, logical block 2, async page read [ 3113.120939] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3113.136854] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3113.138775] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 3113.140201] Buffer I/O error on dev sr0, logical block 3, async page read [ 3113.162581] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3113.163797] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 3113.165059] Buffer I/O error on dev sr0, logical block 4, async page read [ 3113.167184] loop2: detected capacity change from 0 to 256 [ 3113.198310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 09:38:05 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x10000000, 0x1) [ 3113.199209] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 3113.200998] Buffer I/O error on dev sr0, logical block 5, async page read [ 3113.220434] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3113.221361] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 3113.222639] Buffer I/O error on dev sr0, logical block 6, async page read [ 3113.227488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3113.228405] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 3113.229670] Buffer I/O error on dev sr0, logical block 7, async page read 09:38:05 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 93) [ 3113.304178] loop0: detected capacity change from 0 to 256 09:38:05 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x84f00) [ 3113.319282] syz-executor.3 (17771) used greatest stack depth: 23128 bytes left [ 3113.334707] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3113.395819] loop6: detected capacity change from 0 to 256 [ 3113.422630] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3113.437217] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3113.468424] FAULT_INJECTION: forcing a failure. [ 3113.468424] name failslab, interval 1, probability 0, space 0, times 0 [ 3113.469794] CPU: 0 UID: 0 PID: 17790 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3113.469827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3113.469838] Call Trace: [ 3113.469850] [ 3113.469858] dump_stack_lvl+0xfa/0x120 [ 3113.469886] should_fail_ex+0x4d7/0x5e0 [ 3113.469921] ? ext4_mb_new_blocks+0x64e/0x4570 [ 3113.469945] should_failslab+0xc2/0x120 [ 3113.469975] kmem_cache_alloc_noprof+0x5f/0x470 [ 3113.470000] ? ext4_dirty_inode+0xf1/0x130 [ 3113.470028] ? __mark_inode_dirty+0x254/0xd00 [ 3113.470062] ext4_mb_new_blocks+0x64e/0x4570 [ 3113.470101] ? kasan_save_track+0x14/0x30 [ 3113.470118] ? __kasan_kmalloc+0x7f/0x90 [ 3113.470142] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 3113.470169] ? ext4_ext_search_right+0x2e8/0xbd0 [ 3113.470209] ext4_ext_map_blocks+0x1c55/0x5f30 [ 3113.470244] ? unwind_next_frame+0x3bc/0x2540 [ 3113.470269] ? do_syscall_64+0xbf/0x360 [ 3113.470291] ? perf_trace_lock_acquire+0xc9/0x700 [ 3113.470313] ? perf_trace_lock_acquire+0xc9/0x700 [ 3113.470338] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 3113.470372] ? lock_acquire+0x15e/0x2f0 [ 3113.470391] ? ext4_map_blocks+0x569/0x15a0 [ 3113.470430] ? __pfx_down_write+0x10/0x10 [ 3113.470448] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3113.470480] ext4_map_blocks+0x630/0x15a0 [ 3113.470513] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3113.470534] ? lock_is_held_type+0x9e/0x120 [ 3113.470559] ? jbd2__journal_start+0xf6/0x6b0 [ 3113.470584] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3113.470609] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3113.470634] ? ext4_iomap_begin+0x5b8/0xe80 [ 3113.470665] ext4_iomap_begin+0xa62/0xe80 [ 3113.470706] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3113.470742] ? __create_object+0x59/0x80 [ 3113.470764] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3113.470792] iomap_iter+0x54a/0xdb0 [ 3113.470823] __iomap_dio_rw+0x6ac/0x1cf0 [ 3113.470863] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3113.470891] ? lock_release+0xc8/0x290 [ 3113.470910] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3113.470948] ? kasan_quarantine_put+0x84/0x1e0 [ 3113.471001] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3113.471022] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3113.471058] iomap_dio_rw+0x40/0xa0 [ 3113.471086] ext4_file_write_iter+0xe0b/0x1990 [ 3113.471124] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3113.471147] ? __kasan_kmalloc+0x7f/0x90 [ 3113.471165] ? trace_kmalloc+0x1f/0xb0 [ 3113.471181] ? __kmalloc_noprof+0x215/0x4b0 [ 3113.471204] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3113.471234] iter_file_splice_write+0x927/0x10c0 [ 3113.471274] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3113.471325] ? lock_is_held_type+0x9e/0x120 [ 3113.471343] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3113.471368] direct_splice_actor+0x192/0x7b0 [ 3113.471394] splice_direct_to_actor+0x347/0x9d0 [ 3113.471418] ? __pfx_direct_splice_actor+0x10/0x10 [ 3113.471447] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3113.471472] ? lock_acquire+0x15e/0x2f0 [ 3113.471496] do_splice_direct+0x179/0x250 [ 3113.471518] ? __pfx_do_splice_direct+0x10/0x10 [ 3113.471541] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3113.471567] ? security_file_permission+0x22/0x90 [ 3113.471594] do_sendfile+0xa8e/0xdc0 [ 3113.471626] ? __pfx_do_sendfile+0x10/0x10 [ 3113.471651] ? __pfx___schedule+0x10/0x10 [ 3113.471675] ? __fget_files+0x20d/0x3b0 [ 3113.471711] __x64_sys_sendfile64+0x1d3/0x210 [ 3113.471731] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3113.471761] do_syscall_64+0xbf/0x360 [ 3113.471784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3113.471803] RIP: 0033:0x7fe5d2196b19 [ 3113.471818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3113.471836] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3113.471854] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3113.471867] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3113.471878] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3113.471889] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3113.471900] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3113.471931] [ 3113.588161] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:15 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 97) 09:38:15 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:38:15 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x85000) 09:38:15 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x20000000, 0x1) 09:38:15 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = getpgid(0x0) r3 = fork() kcmp(r3, r2, 0x0, r1, r1) r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) mq_notify(r4, &(0x7f0000000340)={0x0, 0x34, 0x1, @thr={&(0x7f0000000140)="7a616ecc447c1fd5a436431bf79e41e1f10e7b76d1d1876d61a8f0f30cfaeced0de52408876ff92a0dd7724b593859e37822c291995865d39e39dafb5b99d26dcc7a7d900d081562f7186c5c0a9d88db59bca4c33da35ef82c985f3cbb74ff77f7cca020a5993a54a0f566babe8229811626c41d16d7b0c94c0d4c4da8a59749a85e76596db3cf882daba81d8778ad0ea4748156f4f2223529bd74333c5e5111d8b8d8ac9a1e2c1a470fcfbe38ce7dfe534903724ea124e36c69623855ed24536c83e1bcf04faa07ed63346ef583a92347bfb8a71aebd932a5181899af1153670506e8a7413231bcbc90", &(0x7f0000000240)="fc30df55152ef36ddd14463ce61e0d7c0a2e181e3ad4434ad2b72613469c814ff7add13090bb28aca60fed1cec5638832b055bfc9ebc6d4a96857bdb8a3ef77037d8f12e6623012c0e0317d62c69857c176d3b91b68ab003a54387532d13a2e9fb754f3ce6590a33b7ffd7d4afc0ad2d789e694a03237a659e1889088fcd2dd4b46deece960d734bd6127fab7f27db802cb5f28d0b62d3969353d8cac4645661563dc8a9f34a43607fa6e0f1787c8a3f9d8ec22a3ccc62d20cb178080cf21365ab6ad9363cf6c46fc66fe85763aa231cfd036d36eda9b33d5dc151abbf41d919a48757f06c18a52e70dfdd45f685550774"}}) pwritev2(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r5, r6, 0x0, 0x80000) r7 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r7, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) kcmp$KCMP_EPOLL_TFD(0x0, r3, 0x7, r4, &(0x7f0000000000)={r6, r7, 0x1}) r8 = syz_mount_image$tmpfs(&(0x7f0000000380), &(0x7f0000000400)='./file0\x00', 0xa9d8, 0x0, &(0x7f0000000440), 0x8, &(0x7f0000000480)={[{@huge_never}, {@nr_blocks={'nr_blocks', 0x3d, [0x32, 0x0, 0x34]}}, {@size={'size', 0x3d, [0x25, 0x6b, 0x31, 0x39, 0x67, 0x25, 0x9]}}, {@mode={'mode', 0x3d, 0xfff}}, {@huge_never}, {@mpol={'mpol', 0x3d, {'default', '=relative', @void}}}, {@nr_inodes={'nr_inodes', 0x3d, [0x39, 0x67]}}], [{@uid_lt={'uid<', 0xee00}}, {@seclabel}]}) ioctl$FIBMAP(r8, 0x1, &(0x7f0000000540)=0x4) 09:38:15 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8040000, 0x1) 09:38:15 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 94) 09:38:15 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 95) [ 3123.507286] loop0: detected capacity change from 0 to 256 [ 3123.515224] No source specified [ 3123.519685] loop6: detected capacity change from 0 to 256 [ 3123.528783] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3123.547717] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:16 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:38:16 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x9000000, 0x1) [ 3123.586451] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3123.599898] FAULT_INJECTION: forcing a failure. [ 3123.599898] name failslab, interval 1, probability 0, space 0, times 0 [ 3123.601539] CPU: 1 UID: 0 PID: 17814 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3123.601571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3123.601584] Call Trace: [ 3123.601593] [ 3123.601602] dump_stack_lvl+0xfa/0x120 [ 3123.601635] should_fail_ex+0x4d7/0x5e0 [ 3123.601677] ? __es_insert_extent+0xed2/0x1370 [ 3123.601703] should_failslab+0xc2/0x120 [ 3123.601740] kmem_cache_alloc_noprof+0x5f/0x470 [ 3123.601772] ? __pfx___es_remove_extent+0x10/0x10 [ 3123.601798] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 3123.601833] __es_insert_extent+0xed2/0x1370 [ 3123.601886] ext4_es_insert_extent+0x4d0/0x1100 [ 3123.601928] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 3123.601970] ? percpu_counter_add_batch+0x126/0x240 [ 3123.602008] ? find_held_lock+0x2b/0x80 [ 3123.602044] ? lock_release+0xc8/0x290 [ 3123.602071] ? do_raw_read_unlock+0x44/0xe0 [ 3123.602102] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3123.602142] ext4_map_blocks+0x815/0x15a0 [ 3123.602183] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3123.602210] ? lock_is_held_type+0x9e/0x120 [ 3123.602242] ? jbd2__journal_start+0xf6/0x6b0 [ 3123.602274] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3123.602306] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3123.602337] ? ext4_iomap_begin+0x5b8/0xe80 [ 3123.602376] ext4_iomap_begin+0xa62/0xe80 [ 3123.602427] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3123.602473] ? __create_object+0x59/0x80 [ 3123.602500] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3123.602536] iomap_iter+0x54a/0xdb0 [ 3123.602575] __iomap_dio_rw+0x6ac/0x1cf0 [ 3123.602625] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3123.602660] ? lock_release+0xc8/0x290 [ 3123.602684] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3123.602734] ? kasan_quarantine_put+0x84/0x1e0 [ 3123.602802] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3123.602829] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3123.602874] iomap_dio_rw+0x40/0xa0 [ 3123.602909] ext4_file_write_iter+0xe0b/0x1990 [ 3123.602957] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3123.602985] ? __kasan_kmalloc+0x7f/0x90 [ 3123.603008] ? trace_kmalloc+0x1f/0xb0 [ 3123.603028] ? __kmalloc_noprof+0x215/0x4b0 [ 3123.603058] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3123.603096] iter_file_splice_write+0x927/0x10c0 [ 3123.603147] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3123.603212] ? lock_is_held_type+0x9e/0x120 [ 3123.603234] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3123.603265] direct_splice_actor+0x192/0x7b0 [ 3123.603298] splice_direct_to_actor+0x347/0x9d0 [ 3123.603328] ? __pfx_direct_splice_actor+0x10/0x10 [ 3123.603365] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3123.603396] ? lock_acquire+0x15e/0x2f0 [ 3123.603427] do_splice_direct+0x179/0x250 [ 3123.603454] ? __pfx_do_splice_direct+0x10/0x10 [ 3123.603483] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3123.603515] ? security_file_permission+0x22/0x90 [ 3123.603549] do_sendfile+0xa8e/0xdc0 [ 3123.603589] ? __pfx_do_sendfile+0x10/0x10 [ 3123.603621] ? __fget_files+0x20d/0x3b0 [ 3123.603667] __x64_sys_sendfile64+0x1d3/0x210 [ 3123.603692] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3123.603730] do_syscall_64+0xbf/0x360 [ 3123.603758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3123.603783] RIP: 0033:0x7fe5d2196b19 [ 3123.603801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3123.603823] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3123.603845] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3123.603861] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3123.603875] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3123.603889] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3123.603903] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3123.603942] [ 3123.689443] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3123.776921] No source specified [ 3123.781647] loop0: detected capacity change from 0 to 256 09:38:16 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x21000000, 0x1) [ 3123.784514] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3123.881590] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3123.906591] loop6: detected capacity change from 0 to 256 [ 3123.917489] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3123.975329] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:26 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xd000000, 0x1) 09:38:26 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 96) 09:38:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:38:26 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x850b3) 09:38:26 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 98) 09:38:26 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 95) 09:38:26 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x22000000, 0x1) 09:38:26 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)) ftruncate(r1, 0x0) [ 3133.860557] loop6: detected capacity change from 0 to 256 [ 3133.863868] No source specified [ 3133.879286] loop0: detected capacity change from 0 to 256 [ 3133.880626] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3133.899499] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3133.974641] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:26 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x23000000, 0x1) 09:38:26 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 99) [ 3134.005821] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:26 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0xffffff6, 0x1) 09:38:26 executing program 1: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x114, 0x70bd2a, 0x25dfdbfd, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x20000) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, 0x0, 0x30d, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7, 0x34}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x40000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x3, 0x0, 0x7, 0x7fff0000}, {0x0, 0x1, 0x75, 0x401}, {0x6, 0x4, 0x2, 0xfffffffc}]}) ftruncate(0xffffffffffffffff, 0x0) 09:38:26 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 97) [ 3134.115161] syz-executor.2: attempt to access beyond end of device [ 3134.115161] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 3134.130925] FAT-fs (loop2): unable to read boot sector 09:38:26 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 96) [ 3134.173449] loop6: detected capacity change from 0 to 256 09:38:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:38:26 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x85f00) [ 3134.195118] loop0: detected capacity change from 0 to 256 [ 3134.221332] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3134.224625] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3134.281664] syz-executor.2: attempt to access beyond end of device [ 3134.281664] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 3134.284035] FAT-fs (loop2): unable to read boot sector [ 3134.348274] FAULT_INJECTION: forcing a failure. [ 3134.348274] name failslab, interval 1, probability 0, space 0, times 0 [ 3134.350367] CPU: 1 UID: 0 PID: 17871 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3134.350401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3134.350415] Call Trace: [ 3134.350424] [ 3134.350434] dump_stack_lvl+0xfa/0x120 [ 3134.350468] should_fail_ex+0x4d7/0x5e0 [ 3134.350513] ? __es_insert_extent+0xed2/0x1370 [ 3134.350540] should_failslab+0xc2/0x120 [ 3134.350579] kmem_cache_alloc_noprof+0x5f/0x470 [ 3134.350613] ? __pfx___es_remove_extent+0x10/0x10 [ 3134.350640] ? ext4_es_can_be_merged.isra.0+0x13b/0x160 [ 3134.350678] __es_insert_extent+0xed2/0x1370 [ 3134.350728] ext4_es_insert_extent+0x4d0/0x1100 [ 3134.350773] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 3134.350806] ? percpu_counter_add_batch+0x126/0x240 [ 3134.350846] ? find_held_lock+0x2b/0x80 [ 3134.350892] ? lock_release+0xc8/0x290 [ 3134.350920] ? do_raw_read_unlock+0x44/0xe0 [ 3134.350958] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3134.351000] ext4_map_blocks+0x815/0x15a0 [ 3134.351045] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3134.351074] ? lock_is_held_type+0x9e/0x120 [ 3134.351107] ? jbd2__journal_start+0xf6/0x6b0 [ 3134.351141] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3134.351175] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3134.351208] ? ext4_iomap_begin+0x5b8/0xe80 [ 3134.351250] ext4_iomap_begin+0xa62/0xe80 [ 3134.351304] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3134.351353] ? __create_object+0x59/0x80 [ 3134.351382] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 3134.351420] iomap_iter+0x54a/0xdb0 [ 3134.351461] __iomap_dio_rw+0x6ac/0x1cf0 [ 3134.351514] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3134.351551] ? lock_release+0xc8/0x290 [ 3134.351578] ? __pfx___iomap_dio_rw+0x10/0x10 [ 3134.351628] ? kasan_quarantine_put+0x84/0x1e0 [ 3134.351700] ? __pfx_jbd2_journal_stop+0x10/0x10 [ 3134.351728] ? __pfx_ext4_orphan_add+0x10/0x10 [ 3134.351775] iomap_dio_rw+0x40/0xa0 [ 3134.351813] ext4_file_write_iter+0xe0b/0x1990 [ 3134.351864] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3134.351894] ? __kasan_kmalloc+0x7f/0x90 [ 3134.351919] ? trace_kmalloc+0x1f/0xb0 [ 3134.351940] ? __kmalloc_noprof+0x215/0x4b0 [ 3134.351972] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3134.352012] iter_file_splice_write+0x927/0x10c0 [ 3134.352066] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3134.352135] ? lock_is_held_type+0x9e/0x120 [ 3134.352158] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3134.352192] direct_splice_actor+0x192/0x7b0 [ 3134.352227] splice_direct_to_actor+0x347/0x9d0 [ 3134.352259] ? __pfx_direct_splice_actor+0x10/0x10 [ 3134.352297] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3134.352330] ? lock_acquire+0x15e/0x2f0 [ 3134.352363] do_splice_direct+0x179/0x250 [ 3134.352392] ? __pfx_do_splice_direct+0x10/0x10 [ 3134.352422] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3134.352457] ? security_file_permission+0x22/0x90 [ 3134.352492] do_sendfile+0xa8e/0xdc0 [ 3134.352535] ? __pfx_do_sendfile+0x10/0x10 [ 3134.352568] ? __fget_files+0x20d/0x3b0 [ 3134.352617] __x64_sys_sendfile64+0x1d3/0x210 [ 3134.352643] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3134.352684] do_syscall_64+0xbf/0x360 [ 3134.352714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3134.352740] RIP: 0033:0x7fe5d2196b19 [ 3134.352759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3134.352782] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3134.352806] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3134.352823] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3134.352838] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3134.352853] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3134.352868] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3134.352909] [ 3134.416720] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:38 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x10000000, 0x1) 09:38:38 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x86000) 09:38:38 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 97) 09:38:38 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) statx(r0, &(0x7f0000000140)='.\x00', 0x1000, 0x20, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0xfffffffffffffff9, 0x0, &(0x7f0000000100), 0x300090, &(0x7f0000000280)={[{@huge_within_size}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @void}}}, {@gid={'gid', 0x3d, r1}}], [{@fsmagic={'fsmagic', 0x3d, 0xca}}, {@fowner_gt={'fowner>', 0xee00}}, {@measure}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@obj_type={'obj_type', 0x3d, '\''}}]}) ftruncate(r0, 0x0) 09:38:38 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 100) 09:38:38 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2c000000, 0x1) 09:38:38 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 98) 09:38:38 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3145.828679] loop6: detected capacity change from 0 to 256 [ 3145.836756] syz-executor.2: attempt to access beyond end of device [ 3145.836756] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 3145.840182] loop0: detected capacity change from 0 to 256 [ 3145.841111] FAT-fs (loop2): unable to read boot sector [ 3145.841760] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:38 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3145.896018] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3145.946031] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:38 executing program 1: r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0xa17e33b45e252d3b, 0x0) fstat(r0, &(0x7f0000000180)) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x9, &(0x7f0000000100)=[{0x1, 0x6, 0x5, 0x2}, {0x800, 0x7, 0x9d, 0x401}, {0x35, 0x7, 0x1, 0x101}, {0x56d0, 0x3, 0x4, 0x7fffffff}, {0x101, 0xe0, 0x1, 0x401}, {0x3, 0x6, 0x4, 0x80000001}, {0x6, 0x67, 0x1f, 0x81}, {0x3ff, 0x9, 0x9, 0x300000}, {0xfc00, 0x80, 0x7, 0x10001}]}) ftruncate(r1, 0x0) move_mount(r1, &(0x7f0000000200)='./file0\x00', r1, &(0x7f0000000240)='./file0\x00', 0x42) 09:38:38 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2d000000, 0x1) [ 3146.001606] syz-executor.2: attempt to access beyond end of device [ 3146.001606] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 3146.007097] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:38 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x20000000, 0x1) [ 3146.010626] FAT-fs (loop2): unable to read boot sector [ 3146.090499] loop6: detected capacity change from 0 to 256 09:38:38 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3146.121148] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:38 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) 09:38:38 executing program 1: ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000080)=""/192) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x0, &(0x7f0000000040)}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) 09:38:38 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 98) 09:38:38 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 99) [ 3146.194159] loop0: detected capacity change from 0 to 256 [ 3146.212994] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3146.228075] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:38 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2e000000, 0x1) [ 3146.255240] syz-executor.2: attempt to access beyond end of device [ 3146.255240] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 09:38:38 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x860b3) [ 3146.267024] FAT-fs (loop2): unable to read boot sector [ 3146.293500] loop6: detected capacity change from 0 to 256 [ 3146.317098] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:38 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) fgetxattr(r0, &(0x7f0000000080)=@random={'security.', '{@&}-[\\[:[$\x00'}, &(0x7f0000000100)=""/140, 0x8c) [ 3146.337838] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3146.410415] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:50 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x86400) 09:38:50 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 99) 09:38:50 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x21000000, 0x1) 09:38:50 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 100) 09:38:50 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:38:50 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2f000000, 0x1) 09:38:50 executing program 1: clock_settime(0x1, &(0x7f0000000000)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000040)}) pselect6(0x40, &(0x7f0000000100)={0x10001, 0x6, 0x8, 0x400, 0x200, 0x4, 0x0, 0x8000000000}, &(0x7f0000000140)={0x0, 0x100000000, 0x0, 0x7, 0xffffffffffffffff, 0x40, 0x1, 0x7f}, &(0x7f0000000180)={0x8, 0x81, 0xfffffffffffffffd, 0x9, 0xf9a9, 0x0, 0xffff0000000000, 0x100}, &(0x7f00000001c0), &(0x7f0000000240)={&(0x7f0000000200)={[0x80]}, 0x8}) r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan1\x00') ioctl$INOTIFY_IOC_SETNEXTWD(r1, 0x40044900, 0x4) ftruncate(r0, 0x0) 09:38:50 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x2) [ 3157.595749] loop6: detected capacity change from 0 to 256 [ 3157.606453] syz-executor.2: attempt to access beyond end of device [ 3157.606453] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 3157.611014] FAT-fs (loop2): unable to read boot sector [ 3157.613054] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3157.633668] loop0: detected capacity change from 0 to 256 [ 3157.644176] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3157.695672] FAULT_INJECTION: forcing a failure. [ 3157.695672] name failslab, interval 1, probability 0, space 0, times 0 [ 3157.696827] CPU: 0 UID: 0 PID: 17952 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3157.696849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3157.696857] Call Trace: [ 3157.696862] [ 3157.696867] dump_stack_lvl+0xfa/0x120 [ 3157.696889] should_fail_ex+0x4d7/0x5e0 [ 3157.696918] ? jbd2__journal_start+0x193/0x6b0 [ 3157.696933] should_failslab+0xc2/0x120 [ 3157.696954] kmem_cache_alloc_noprof+0x5f/0x470 [ 3157.696972] ? lock_is_held_type+0x9e/0x120 [ 3157.696990] jbd2__journal_start+0x193/0x6b0 [ 3157.697007] __ext4_journal_start_sb+0x325/0x5d0 [ 3157.697026] ? ext4_convert_unwritten_extents+0x190/0x580 [ 3157.697044] ext4_convert_unwritten_extents+0x190/0x580 [ 3157.697062] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 3157.697086] ext4_dio_write_end_io+0x13a/0x710 [ 3157.697103] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 3157.697121] iomap_dio_complete+0x14d/0x9e0 [ 3157.697144] iomap_dio_rw+0x73/0xa0 [ 3157.697163] ext4_file_write_iter+0xe0b/0x1990 [ 3157.697188] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3157.697203] ? __kasan_kmalloc+0x7f/0x90 [ 3157.697217] ? trace_kmalloc+0x1f/0xb0 [ 3157.697228] ? __kmalloc_noprof+0x215/0x4b0 [ 3157.697244] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3157.697266] iter_file_splice_write+0x927/0x10c0 [ 3157.697292] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3157.697326] ? lock_is_held_type+0x9e/0x120 [ 3157.697338] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3157.697355] direct_splice_actor+0x192/0x7b0 [ 3157.697372] splice_direct_to_actor+0x347/0x9d0 [ 3157.697389] ? __pfx_direct_splice_actor+0x10/0x10 [ 3157.697408] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3157.697425] ? lock_acquire+0x15e/0x2f0 [ 3157.697443] do_splice_direct+0x179/0x250 [ 3157.697458] ? __pfx_do_splice_direct+0x10/0x10 [ 3157.697473] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3157.697491] ? security_file_permission+0x22/0x90 [ 3157.697509] do_sendfile+0xa8e/0xdc0 [ 3157.697532] ? __pfx_do_sendfile+0x10/0x10 [ 3157.697549] ? __fget_files+0x20d/0x3b0 [ 3157.697574] __x64_sys_sendfile64+0x1d3/0x210 [ 3157.697588] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3157.697608] do_syscall_64+0xbf/0x360 [ 3157.697624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3157.697638] RIP: 0033:0x7fe5d2196b19 [ 3157.697648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3157.697660] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3157.697673] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3157.697682] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3157.697689] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3157.697697] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000002 [ 3157.697705] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3157.697726] [ 3157.749230] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3157.803095] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:38:50 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x30000000, 0x1) 09:38:50 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:38:50 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x22000000, 0x1) [ 3157.837512] loop2: detected capacity change from 0 to 256 [ 3157.856118] FAT-fs (loop2): bogus number of reserved sectors [ 3157.856591] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3157.875471] loop6: detected capacity change from 0 to 256 [ 3157.895655] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3157.907488] loop0: detected capacity change from 0 to 256 [ 3157.936359] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3157.950730] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3157.983742] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:03 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x23000000, 0x1) 09:39:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x31000000, 0x1) 09:39:03 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x3) 09:39:03 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:39:03 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)={0x0}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYBLOB="08000000000000002e2f66696c65300098b1b00c8b0e2a54b8a4c79224468af2993dbd8a5d159b64ba9b1baebdc14d2bf3756715dd6c2992350a7fa4e108e45bdc50900fedbcc30bce5e6b559ff4727876b876dc654d4fe6b0dbc52267c7a0ee617529f60efa20d8bf"]) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r3, 0x2, r4, 0x4}) ftruncate(r1, 0x0) 09:39:03 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) (fail_nth: 100) 09:39:03 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x86f00) 09:39:03 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) 09:39:03 executing program 1: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x4) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r0, 0x8008f512, &(0x7f0000000000)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) [ 3170.774527] loop6: detected capacity change from 0 to 256 [ 3170.779453] loop2: detected capacity change from 0 to 256 [ 3170.780627] loop0: detected capacity change from 0 to 256 [ 3170.789597] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3170.790717] FAT-fs (loop2): bogus number of reserved sectors [ 3170.791351] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3170.797390] FAULT_INJECTION: forcing a failure. [ 3170.797390] name failslab, interval 1, probability 0, space 0, times 0 [ 3170.798323] CPU: 1 UID: 0 PID: 17981 Comm: syz-executor.7 Not tainted 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 3170.798339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3170.798347] Call Trace: [ 3170.798353] [ 3170.798358] dump_stack_lvl+0xfa/0x120 [ 3170.798378] should_fail_ex+0x4d7/0x5e0 [ 3170.798402] ? ext4_find_extent+0x7f5/0xa00 [ 3170.798415] should_failslab+0xc2/0x120 [ 3170.798436] __kmalloc_noprof+0xb4/0x4b0 [ 3170.798459] ext4_find_extent+0x7f5/0xa00 [ 3170.798477] ext4_ext_map_blocks+0x1cc/0x5f30 [ 3170.798500] ? unwind_next_frame+0x3bc/0x2540 [ 3170.798518] ? do_syscall_64+0xbf/0x360 [ 3170.798533] ? perf_trace_lock_acquire+0xc9/0x700 [ 3170.798548] ? perf_trace_lock_acquire+0xc9/0x700 [ 3170.798565] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 3170.798588] ? lock_acquire+0x15e/0x2f0 [ 3170.798601] ? ext4_map_blocks+0x569/0x15a0 [ 3170.798635] ? down_write+0x119/0x1f0 [ 3170.798649] ? __pfx_down_write+0x10/0x10 [ 3170.798661] ? ext4_es_lookup_extent+0xc8/0xb20 [ 3170.798682] ext4_map_blocks+0x630/0x15a0 [ 3170.798704] ? __pfx_ext4_map_blocks+0x10/0x10 [ 3170.798719] ? lock_is_held_type+0x9e/0x120 [ 3170.798736] ? jbd2__journal_start+0xf6/0x6b0 [ 3170.798753] ? __ext4_journal_start_sb+0x325/0x5d0 [ 3170.798770] ? __ext4_journal_start_sb+0x1e3/0x5d0 [ 3170.798787] ? ext4_convert_unwritten_extents+0x190/0x580 [ 3170.798805] ext4_convert_unwritten_extents+0x1ca/0x580 [ 3170.798822] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 3170.798850] ext4_dio_write_end_io+0x13a/0x710 [ 3170.798866] ? __pfx_ext4_dio_write_end_io+0x10/0x10 [ 3170.798884] iomap_dio_complete+0x14d/0x9e0 [ 3170.798907] iomap_dio_rw+0x73/0xa0 [ 3170.798925] ext4_file_write_iter+0xe0b/0x1990 [ 3170.798951] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 3170.798966] ? __kasan_kmalloc+0x7f/0x90 [ 3170.798978] ? trace_kmalloc+0x1f/0xb0 [ 3170.798989] ? __kmalloc_noprof+0x215/0x4b0 [ 3170.799005] ? splice_from_pipe_next.part.0+0x165/0x510 [ 3170.799026] iter_file_splice_write+0x927/0x10c0 [ 3170.799053] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3170.799087] ? lock_is_held_type+0x9e/0x120 [ 3170.799099] ? __pfx_iter_file_splice_write+0x10/0x10 [ 3170.799116] direct_splice_actor+0x192/0x7b0 [ 3170.799133] splice_direct_to_actor+0x347/0x9d0 [ 3170.799150] ? __pfx_direct_splice_actor+0x10/0x10 [ 3170.799169] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3170.799186] ? lock_acquire+0x15e/0x2f0 [ 3170.799202] do_splice_direct+0x179/0x250 [ 3170.799217] ? __pfx_do_splice_direct+0x10/0x10 [ 3170.799232] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 3170.799250] ? security_file_permission+0x22/0x90 [ 3170.799269] do_sendfile+0xa8e/0xdc0 [ 3170.799291] ? __pfx_do_sendfile+0x10/0x10 [ 3170.799308] ? __fget_files+0x20d/0x3b0 [ 3170.799333] __x64_sys_sendfile64+0x1d3/0x210 [ 3170.799346] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3170.799367] do_syscall_64+0xbf/0x360 [ 3170.799381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3170.799395] RIP: 0033:0x7fe5d2196b19 [ 3170.799405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3170.799417] RSP: 002b:00007fe5cf70c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3170.799430] RAX: ffffffffffffffda RBX: 00007fe5d22a9f60 RCX: 00007fe5d2196b19 [ 3170.799438] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 3170.799446] RBP: 00007fe5cf70c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3170.799453] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000003 [ 3170.799461] R13: 00007ffe6b271faf R14: 00007fe5cf70c300 R15: 0000000000022000 [ 3170.799482] [ 3170.826417] EXT4-fs warning (device sda): ext4_convert_unwritten_extents:4936: inode #16043: block 32: len 16: ext4_ext_map_blocks returned -12 [ 3170.833634] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:03 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3170.915053] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x32000000, 0x1) 09:39:03 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2c000000, 0x1) [ 3170.921261] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:03 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000) 09:39:03 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x6) [ 3170.985210] loop2: detected capacity change from 0 to 256 [ 3171.016679] loop6: detected capacity change from 0 to 256 [ 3171.018929] FAT-fs (loop2): bogus number of reserved sectors [ 3171.019839] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3171.028036] loop0: detected capacity change from 0 to 256 [ 3171.031458] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:03 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x2) [ 3171.047604] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:03 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) sync_file_range(r0, 0xe4, 0x5, 0x7) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r4, r5, 0x0, 0x80000) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000200), 0x100, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfb, 0x400000}, 0xc, &(0x7f0000000240)=[{&(0x7f0000000400)={0x1310, 0x36, 0x20, 0x70bd2d, 0x25dfdbfb, "", [@nested={0x18, 0x2a, 0x0, 0x1, [@generic="96b5615e5eef7e1f4070b31cd677e955f227c4cd"]}, @nested={0x1111, 0x0, 0x0, 0x1, [@typed={0x8, 0x3, 0x0, 0x0, @u32=0x2}, @typed={0x4, 0x81}, @generic="d82ba38591df9ddbfd6b5b31ce52e9cc1e4a7c48a9a75ceafaf01d6edc37edb154fddcb9af18d1868d44abc8ef966f69e7a5d6e758a64ef659c0d9d7f483a2a685d93c688de19b69b75051a174d6a7076b18a904328afc503d81ee18e8ab78f9ff42a8b4580d6488dd720dae9ff3bb61c98ad0edb1e2c87ea3a8cfd2b97ce39c10d827fb97cab1f47a78cad1ace6c1a9c3cb7c88f7d5552ffc9af332860b8ba76b0e985a7bde625c9ab7e866dfe7f86cac3e8ec74ec94aac337ee3fe88dcf2aa20da5b3f279dcc50dce34c85b15ac7dd9bc04af1d44dd1520167462b8f1fd6d9e520cc1b6fb315abe8150f544c8cfc8beb86e6e1344b0e163596eae067e5bd6dec0f68442fe82f3e8b86a4f265dc7637f5c53b9da7a6f299daa092682ca47054f43d30a794f32aaabc642d44ed4631caf52d7030b02f02a483ceaf7ecbbdf1351a7d0729615dcb87fe3f8fbcaacea361a5c1aab552a69fcc192141fabbf4caf64f06eb0771656e7ee16461ec16be91ef31f8fc35ed284ffb17786d4614835391b74da9c8c42f89ab44406a47a62bd858862e495f6fc6c5e53d9c95ae66ac5ed517b4dab416cd118cc8bdefb52c79ec4a2955d2ac25d0dc9e4365e7f652fb01fa078c80d335441a1f287cc8ea19c87d7f92686ef25cbc8a4ef7ed81fe6d6693831e97196a6b60eec3a91269276f818fe5d1c699f4f3d41815f26473d9233211fc3aee99f253372ffb83e4846049b03fac90962f13049546cab18e9d0406fc91d79554b5babce716a5b5b0177bbd1ecc35229c61faafd2bf1e30227c58a61538cf83f1e627a72a8490de5303b055b5b9403d5181c1a72470132cbaa28dce62e47b8d48473c95ef819d387453104ca5c0e841cc4f95afce4f696fffd23e240370e6ed0db1ac4dbeaedc3fc2415cdd84ec3a378e34016e1226e26b1d175ecb49d25d31c396d6410a307c358e3d09840db4c9eec0b90c3f131e4e0eb7d6d860a572ec8cd10a2aba8a59ba10511487ea0e5cca84d87932b6fec2bec7f74e8166fc648e58ba6305bd0db005c7c1bf2de42e10574f9a201140c08fea5d9c45f032fb28faf36a2014d25530b2ccdacb53c01c9ebd3ac8b6e8bc9de4637966e30c3c3c5b5f87ecd556b1d1e522adfe134e5ecdda2c98df458a088e3a180dfcdca79b94f7b155efb7d1adc57ea7333f77c9e4a2a0245669d31a73b641ba27c9346a951322a550a596b0aad762fb9ad1ad08694599da41c9e5eee287895c3dcadc80b5bdfab5257173e389da790ccd9c44c08455cd65135e3d61db506232aaef410d1aceba07b83fb7965f3a992421fbdac22d6eaa771fdc79e87ce0d74a9e7789f8fe4f0404cfdac82b72ad9200b36fa3ec97f294a3e48807f753098570337e97280b3da014172ea03e613fa907fe323ff5ad3f55ebbca11ad3cc82f2eda15c7025d94203270c294f37de514d58a84d5171691f45514fc61646e5aff47318b4d11e4ec116a64aba9bec2cd7bd0cdf4251fcd4b9bbeec8f5df32133b20dd102efd80b4f151f8c4b24ab0ebf651e42b77234b282a79c978eee4aaa5c5da700ca7199bfbf69eda13f05c2652a3b2c49fab297d1bd5c0b33c7fb99b45f0a1138a37d5b304fb1d2e2ff784a2d6f92d3e0c55459a9e81f21c51876b23b648f8a92f4af4ead5bc245157f986e58c60e04185ae9f96c2d30ff75839015fbacf4ec6dfc489a82412ea37bf66190ed8fe7e0fbef288d69dbf3745d01e6f78f9c21601ff85adc7f007d882b1963555b602e6c53274da75acf778d7a24c2f0f508821152516910b3e7f9c87ae52785cdefdff287cde66f5328e0cf1e7c5368e4bfda05b0f7e25b216dc0bd12359f0d1d03e6a04c42d3cbb2cab8c9b7ec3ec52eaef9584042dc4b7f9394714a82cfa9c3fc340e79ecf5ce1aec449a093e4c38a717be1af807067554651246d339802b600d678a74bd8fad9b79ab4d8a2c9d819c436062b2b82b766b97634479f12d66a6d2b134e129d863381de28b50e75818c3011123a3be9fde02e9533470c095919e834ef2ce9a613d98c75e17bbb2a14fa9ccd1b070ab91935aae4795f9defe9ab361dcbe8978ccdf3edbded2c01a554fc96625bbbda9b723d9397745db64401f85272cee49d4345311dbe6cece1eff811a5193490b57381f44467fe30165ae38f49e9ad4311ffd8be79e8f7bc63273bf53db5479d9f05d764443692dbcbb0f0a93cddfd53cbb36bbca5ab80f05a2b5144da56ae9d825c5647f8cdbfa3c91e014e9294f693b6432371f74e2403b6c3ffc71f32b1e1440ef43624b2ec55cae21ca2dcbed389fcd2e2d1758ba3733349dfe766f44a905b1cf6499ace40fe923eb605f08142e56e7c7f8c1f7564fd3c7f44e9a58d08247d0f1d3b25d2d7ec6758266c8382f53db15e34260aa85fac36f0b3fedec3a5fcd302420fd02a50f46b1750669d4e92bab23437340a6a98b5de568b2f9cd83055206c40d1ee0bec1d2385482bf5c3a167111f3510bf86b4c6e42267b8414b1bfe2e922d1aee410fc4e567d58471865ab93e540a44c8535e576917ba9e5f97b08c089aa7fdd16420b7227d3514f4bbc5058f27db74247b7b62fa3b28e96b53dffdd8797b5bc37e2e32878f800746c01be1115dd2033e70a462f0f92d52d7b4a91baa474e61f194d5d2562e20ddc41e5b2dc0ab0427c431a3d41a0071679f7c1ae3082185f9ad815dc7cd241baf25d0f90ebd97d723f52669bec27f91a0f485064713323478c5678a0d29371b84ace675a7f3d9f1cc006e726ad12be398e7643276ae19b47b772f16924538a7b4d5566af0d4cedbf9a98402f2be4430159da37abd3d6a9af0ab3fb238c8b5c0f85baf2742f2a69fc1b016c0fa92a511793c07fedc510e0064a6f3cec0cf3e3b50ec317705a5426cba90d0bdcaeefa6272528d8d6573578ab52842b3fb4752c2f1bb2a804719d58d95babf90215c7779cc764f779fa102656f0c98d932a7fc347b5c3a377c401eaa9819306a0f2180a025207a51d0559352166a3da1bbbcd388773c84f7bb1a8206c84ae85039f992245d930bbbfb32970f485e560c6f840ba9ad449cd0e59673dd2aa42e72b7f21e68f506d46d7b6b13ded0f0b5ca33ddc4cd2334eb19bc8b36a42bc7e96b40d128fe3ab65dc7b9b6e80f167eecc33c4dedcdbf56bbee2e4990ea29071ba349dc24200da81fe6c50dca1776c8ea83953174492196e088e93abcf6ba660f3cefb70c9e668563d3a45210e1c59387032853b81294fb3245b03a85350a0d059f04b1833c1a13912d4b08e7523ce4e0c428e23e61ffc1e547409aaa8c951fc0f89251d2815fc9eb80a0b359a77ca1a7dcb4a6a4a36e9017b788bfd71225f5c15fbe550eb475c67838660f6e3999da29f45077f70512ac7a3490255fd71a6ac8940ad37671e70fec11ff56c280d82d6b9f72b62fa6181858114b230e0b34c4dab907abadf415002499a95e12cea1a9d360f9467226afb622b57fd93d161d419517ba2c0b16a4d7de06c304da9795bf9cbcc16ff106c359128a8864ba0fd44722c0de3dbe556c3c719ef650ce8998aa64e2706ef7d446dea12da45de5ee0c9d32a94514c2143ea69c279c1b6e35bb22f01d6627d2904b4cfa0bc77e43dce13406f2d5543650f9f92ea8f3c9ee01ac3a2398e43d583711707d820119e4e0fcc0e7d3826c1353fea23ca284aa349b37d4d2f8c04712cbdc0ef02e7346531b579361a16e5ab81ddf768ef30897bf3cb918c3812efc905fa1a63e7ddda97b29ca6997f4e24ad969579f39e0a7e8b014005c1dc4db5d96672c128f332ad5e4583b97be8dfcea2ffc1d688ff8b24d887d18cc9d0c6004df28514f38a0dac709abe8d213e28279e798462908f20a132b54805ae251d48eb5825329cf9921460ba2e27e0fd6b654934f99ce140dbd1f74036e2a549245e9e76b9a090c5735692ef92ec61d1cd48fd7edda1a4c1d99b73bb5dfc16865860ae2e64929c059b2d2bf99fca58d31ee8e260d47a814b4c1b08e5a5bcef7433fc321f5a7b4e75cf184b41809c8dd6d74085d66df31574390cc315aa9e6437c05f7b634eade2b25dc41a1ef024711c2afcce5785140e29581832819aedf968af4276c4d1912bc3f2e8eccca49beb7c832b139aa7233d38985c4fbb70daa2ec0d621abd82b3de77a7a52754534c154b016aedff531189230e7847c60f9e2737234a08d9e8c351f18b78a60ad72d92b5b626fb855eec9879eb04900a38511c66359797efa44c15d99186aea45be49efed244bff9c913f3aceefe4c6e4d04d1d828ce6fbac67f2df6030cb2ba8c748e45b3df2defc6cbea3b5b64738cfa20126166347b586a4fcd0ccf6d7ce58f674d82292912187bd2730835e8c6a555999624fa0e095e96659339c197bc062a17d8ed580fe188e321953deacc00d4cc36eaa4ddb6cdca344815ffba075bb3df8db8f8991c80bf4db8706c7414b765c11f36477e9825d30c44c4baa14c4600a4db5d16cde2b78654647bbaf091d8f79046c569c058be94b1bf0b5d5a269a5f778f57eb12cea75aa7b67df6b25afedac1a07ba14f72879bb04224706773b9fd3f45b83e1cdecbe6d151b2928af77c619c5365b5a57f2ce59fb2d4665472b72cb0d1d05a9ad33e3d6997ea10581c87feba2dc0dcb4abbb32caf217365a4d33c017b8eda1a6dbce21814f7eb92aeb9484375645544601d1a2f4ba45f7e7dc0f320a1b5e4a8904ae0fbafadefdadf212b4fb3d9c5adb0471474b08cc152c96a2f4cd3687018a3332f2fb77b66f1bb8e7e2e8df50fd3bf686ab2983e718847dab93c13e08a7fdcb259b7be919ef8b3dc2a9aff6040169373ae551e9be0b89a01e473029f2453060f8fa4d9d8000d5aa31ebbd845f8112f0020201a2ea4ad33bd359941e1dacba463f1c97c723446a2d4c44edebc7184a8e31f5f88a78dbcacc69feff42cc96ae1dda0cbfce7b7c88a9f544eb28be678093939d880d15b57b67c410fd77dff8e0c909d408ccfb6cc2943e380753bdddccb590b0e1380f91b57f60eb4acf78c237929b0e44541515bea203436e3ee010ebbfa5a6f4d340fa21c0e66bb1da1c0b7b4187209f8d3430fc87e63793268183e220f4525bd0d460845ca67ea98a2c6eaf8b0e4a6b3eb5bb036904eff99f1ebfcff9ee0972297dc96bce637467671514dc69d64d6703bf427d080aa5b3e39f7edc79238feb38e5d95d08234210ed883d2a7b4fb6c7c4f1f3f4504563e0c64eec4349cf8f6fe0d741a891a05c039671a7910478f52396d0c506d410af907ec2fb5378107364adb6ed4bb5d11bd296d45034cb4d8fbe78f6ece082323b0e359a4b2ec3e0e65174891cc8deaaaa20384f7c5a3819f801f3b81647446f6457c2e190519f5dbb83142a55936cf3a5b75f4ec0ac640048776f3ec1ecb45a328bb660c844bf3e5b5068d47c8968af4289267d0cefb7968708b765cbf19e3282cf278fc18aa82726d363f388b3b3b4971963712c67106e5dfa35e12c8d0c4b50ac6a56d10a5abdd93c7275000847391c98e740b58b9e2b7f58e0d298a4f052aacabccb6b16ae1ccb07bd0ba71e7c3a14c1122e28738a78ee8aba3693cb7fbd1e8fad485341abb29abf93da1e9a975502aa67c7d92f864cbb07164fe30a8084993b5493bdae17afa2791aaf5542b267e1dd9926b0c689139c5c7e9d322b0e6f7101e6a83d977fb09f697c74708cfed96254f07acabc27ce3e73d1755ec6faca683e7fc9626c5c4a1b9aec3e8b522aadf372756f9be680bbe572b6589472dfb1e1817e77894ee", @generic="2e03b098e46a35975584d0ed61ecbee19cbe55d268ebd9a7b378dfda083552e841e6ce123b5bf200aaf10708a848c3ff3ded0b62ce1ebbbeac7413dd207d14f95f9d7a6abedf79610153c9e73a568f22d519823b20b8aa74b88f83c753145105299daf4699b6c0474e6b836acadcebc584bedf82ef4b3cd3b52a6004977dcc4bf6f1abaf071ee6698ac0bf7d", @generic="dc9655eed879f775ea1b92797c31d8fbed474dfbba16df4ebf050796017746516b6385d2c6d4d682bc57d17f329ea18fec54257ea3a4e50706e9a13d2b8e72688546b6068d0c262ba38a3ecbe147bb72e2f5b232df06756ce0ea0275a66e5417db", @typed={0x8, 0x90, 0x0, 0x0, @fd=r0}, @typed={0xc, 0x4a, 0x0, 0x0, @u64=0x100000001}]}, @typed={0x30, 0x26, 0x0, 0x0, @binary="6f51d62a2d8be3bc128edd2baa3d835ba7b57123c34b435931a06f2ec3f721fd8401f442e2464231097a30b3"}, @nested={0x8, 0x50, 0x0, 0x1, [@typed={0x4, 0x83}]}, @nested={0x184, 0x7d, 0x0, 0x1, [@typed={0x8, 0x42, 0x0, 0x0, @pid}, @generic="0ac7f1d20a7d5c70a908b97c73bc29ac0ff7d16528c1922904e755724c0ac1035e27eb325ee8cd8afb71d84bbf408cfa8cbcb900e344f6cc3b1df6ba89762293df3959b8da2c8a3a90bd62369f75cd02db6ed558e7b71d61c3e7a0b0025d50d22007d0c445136be446f3e2dbe74f08222926dc5621687ba8861d0f407d754a7d798f6274c2793509f206bceb2a9c50d7b20a3761c052bd784f63a5a1a5522d6a1f9da4f93910578fee8019fa90639675d9c2d10247fd6164350c786ded3869c7c528815f2cbcdc2c5acb2a743e4f2292182c2e", @typed={0xc, 0x7e, 0x0, 0x0, @u64=0x5}, @typed={0x9, 0x53, 0x0, 0x0, @str='\'#]+\x00'}, @typed={0x14, 0x78, 0x0, 0x0, @ipv6=@mcast1}, @generic="f76a481ea5114f1f76bc0d2473785bed1e2affd8df0bbcb8e468428622752bf67f7993e2ee3e46b0eef728aab771028087db660f2783ddce097b8b1b9fe505c649d8be403ef036a777802b3b6c695585df58c29becba574994b4b7b1c019a778476c649984019c4101b23242aef9ba360f0e2abf28539c72d4"]}, @generic="ff32a24ff8c200165166892f71aa60d131a33978f035"]}, 0x1310}, {&(0x7f0000000100)={0xec, 0x31, 0x8, 0x70bd27, 0x25dfdbfc, "", [@typed={0x95, 0x1, 0x0, 0x0, @binary="1f8d1dd259c1cf6ec50fc6940fcfb3f797a9ef02f17734a146cdd06055a1a8cbfceb56f15627a853702bd5e0e8ac5c937be73ff13fbf0d6905c8890e8ef1cac58cf0519ce851b177a57e6a56525021b4a9aa03c7f9c33654ab6309c96a22da6321e637d7edba2bc84f938624a0e78a0c325b02f1612ffacb8d6a7c8574e133e6334726ea3d14c027f00d38d4365d1ec399"}, @nested={0x42, 0x21, 0x0, 0x1, [@generic="7e32ee509401147cea72999b0d240c24697ca6934fcce3e96acbfc240b8e6d3947309bcae3c0", @typed={0x15, 0x69, 0x0, 0x0, @binary="dba8b19c2da08cf64791a74ad69e337fa7"}]}]}, 0xec}, {&(0x7f0000001740)={0x26dc, 0x10, 0x800, 0x70bd28, 0x25dfdbff, "", [@generic="d3075fa62e8bdfe4e50f991c80471b3b0478b71682803a6c04ce4ab32764b2c9f11a96317602fbf3d6361b88faeb8f3700e35eacefdb7810f20954a910f486bc6fce3ad5017c7c2a348d5218d2fb140d8ea3ff4a95cb90a04446c2d63235b982e8873901ee6a1b07d4c0db7f3210ef552c6fa498766ea58646a0e717655815c29f9151b6151e99fef473d90f7917b3c4fcafff1d56ed70d6152de17244c16169e44f2546fc5d13cd", @typed={0x14, 0x21, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0xd}}, @nested={0x1256, 0x82, 0x0, 0x1, [@typed={0x8, 0x61, 0x0, 0x0, @fd=r1}, @typed={0x4, 0x5b}, @typed={0x8, 0x38, 0x0, 0x0, @uid}, @generic="01d3c37cee", @typed={0x8, 0x10, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x61, 0x17, 0x0, 0x0, @binary="6da18ea729c0e3516c103d463ae8ed38dba1f449ec2328cacce98ddf0607e6a03c294d257f0c0f4b75547380a311504ce596f8ed853770160d4ac1aa247294cb83d39e6a945a647e8737ed35c4c8a96a5bc8b5579a578f12e603c016cc"}, @generic="45848122cb39012de0d95625667fc7681a604407e95e8ae5c475f7cac92b697b1a5670a70e2480bf30a96c08f7b5144858efb11e3876ef2be009b4eacb851cf3d9d9c0a50d5c36ffe501e9b189df2143de781bbdb07722094981e90626c5c9ae479f62f928dbcdf7b1006464077a5bc6a99dea95217a02a3478b1ca88589d8ac414f72b70d17e8fd17567c2664b6d1fdf7ce0b5c57feaf1b512ceddb40d53b8dae5acaf76cdb72286307437caefdf997d538d00bb9f0a08fe59582056b29663ddf18f21738e26eff4d58b6cce6c0cd638e497a547fc395c11bd5489bf91fedf59e1b101755fc1de3de2b6b8ecfcffb8bb4ed1494d0825581a05d297a725b755ee7cd9d5283e81d1f4811b86591b9252404345ffa32be4256d6f0cedde1d54d023d1cdcc0311debdcfd97710cd858ce69c5af210147526b429662de258adf3d4e494759cc260d37cbaa1219a33ff7f5c08c4f48652b53fc1d164b59ff73287072f9f497b5bca4eafb18c3989dca2375c9cc9e8cd3cf3d08ae6af6c2c6cdebca810ca6fbfd636523356a762bd976e5dc8dccffd2c2bab1faf88699e490ba3c18c4a5d34b9c4b192146c742938ab5e1e405b94a64e22b0fedc47b7da12bbf521eb2ca8a33cddb6ee797aa799d216b7ecfa98a8a01a183906775ae91d302d1e89491df7c6731d2ff4adeeeeb7d8a9776d122ad292db2f66c837c75bdacc9fc715ea2b475d06600e1c09cbb894a6156144fbe4b0af5671e6d76fc2650f858a2bb074aa31144aa6f8632c3f9e8411ac277cd3a88748cf3ce7cdf9601702c3c8fabf639fd1f14a0887f40a1065e0c4881539594e9a1d76bb329cd4d98806cd2e604503b450d72149f2d81dcf76d70bf7e3b908bd33dfb8013468aaf70108d62c8349e90203c459bf84ffd3957d6feb97ce2342370bec534745390033e1f60f65f92d9b5678ca4e01ef0b1dff9704a6d6fdb7ff73dc191fb146d226ac7b048ba4f7f902ba51c438cbdf8079ec5dfe1a8a51b19c84fb41f5447de122e22c62223ab432a10f8fd420eb96c8d7fcc2bb837b9a2e68b60ead9bf2f811b9b0bdbc6bd5fd2047f7c7720998e6995e683b8395ac7f50834da84808956a170a5313e8eb58abc512fd73e222e4a8d6cc455dc1cde18701f95941e65c36e04484e9842833a39b06d6c55988ce2efeb5fbdc16dfefc0b8b36aa2612b4e523de00e0fe30d97fa4f7b17d6186f35a54d049165e50e6fe8c0c29546fa508a5d2e18457cdc54a5295cc3dcea7b0fe2c9dfe238846e11d66ba969d643f413d8dee6391949c36fc8899b9307d6ac98aeb41ab1e3b1658c3a0ee54536505aff2d0331a0ec72b526fbe96df4e79ebd4764da0ff693b2d604d13ddc4485cca31ef12cac6a6719587a6af94709c266e4bb283ba6a147da54ea0980888d0f710cbbffdc0b3641418b0bb7374d2678b5fac8624d850c7e2de9f657c9f44d8bdc9e15a4ba97b2d106424e4f9ace5a8d2be0e515cf83d381b1fcf60f9345a65dcb9d8dfa5beb1021a5528deeec7ac02fe12fc4f37c3b9e3363916cc1bb00ad31a95834b824e7367d47b6d36fa6d6a2deb1ff678b5c6e37bbc6948912f93f4b5fd8857ee12c8cacc6f6656a889ba9357cc66b350772c05a47e400edf0dca6206c54233a3cca87c9525f8731ead12b0cf9b8454e1c60c2e0498f3a87f7ddb2f4d191f41353d150ff9b6bc822aa9a43e8f987377c391fdb4f705349b12eef9276b21b6e75489942aaed94cbbc215487c5468990fcde762c700fe4893412291c8930de4347f26d64b6e529d0644ff2be13e3783b4abddee71935d84631e2a4ef4c9a54cf0a89b91fabb8f922759b5fb2f707dd90d6e1844b01af3ef45cc8a15c6aef887de63993b0b6c5be241f20b3d5f6b5ed9fce798124c30cf460e5f9791ad3863e8ebbb7fb9df54ef1200d32ceeb58a4f92b61ddaebe359eb8db5c7fdf0769e0870a080ce563789adfbf8fe1cece5238c3baa8538a0348e214c8235c1f9d929ebebcb77bf7c74533cc0c44918bd37cf5c5ece1693b8083a5692f66f2938495bf5ad393905a50d0f02c8cc2724748dadaea0139c890d5e255806a381b6b5ce93ff3e7b1c9672820cc5cb7feda7ba37f512d1b513f288b7b3f5bb69227dace6e194aad79cbb4bf45b9c35441cdadcc246fdd66f1fc1d2f48684ab60a633547e4643e77684dff8fc39beb0f421b50a9d6db57ac33d499afa36e9efe03b377a438c3aafc91f38deea22af7a96f561fab1ed1d4339611d044f8911a983dafb940e567b2998f9a74c7660497f0181d36af838970f6f1093cf81c1338e787c7371c6725431ec02c65519f4bd1071af74e398495c16c2fd790c8f53a97c5bf2327651c1dd651b5044eaa34fe4492b71fc6dfbd73be83a033b7860ab8d528ddffa23905264dfaa5164061fddb6c4c9f1dd9466347bec25ee00e921c9784b5afcba182a8a35068e256454dace8caeae2c3b4a0d9af9b38ef3489b17004cd3aa8cb80ac1fc38467581bc6f1dddab68d917342d7c8165e98c9ea8ea4f8c4f44b5c2f70a29db653f0cac34d1cbaa4307d5094b72e416babbab088294f0026e59c3e31bdc75be249ccf4dd17448d482a5b2f583b3cfac264a7cb18100dee96a42bcb886298dbfd151c360376872a22618ee8305dcd245d930d576e718dfd4e5ad9e2ccfc7349e8587b80aa18e8b10545be72d77a3e2444c619f044677700ce403ddfbc43b9290d03b7a5b398479ea36ea6f672f92e2af9bd94cb462911b7295f2a9c302aaa65ec027a3b9bc1acd4fbd8d26b9cdafaee0e41afc843d48600b6a6c8bc6e253326ea41c6cf4453872cec5714976e89f3cb7c6df8cc7c698e3fb1a0fe470251573f985c52a4d70bdef54c0111dc34aefd91d5b065c0939c5aa746fa2d8034f7d89722e9e239143b6f952551b6cd93785b7d87b78db96b992f623b1e6888cbf1905e45536d8417b04a0b5ceed476a9d52d18890d9b0c1d589273e90ecc72fa269946457fde738fc755c7b1faf5e9794486f8a95407084322beff74d87be22d78323162d50b4b46ee3519d85dacf53376d35e91849c501a59cc474ff34971ea8bb2f1cf41580d7e3319a1f877af83ef67628afd40a9c9760880e8b94b9c46afb3de85dd934d2f300d9f265f297737d2dfbe23d6e303736893ddb01dd350a9a2b94210211d01cc3da563c1e1bdc1b00aa7a9c8f856619e501d58b1b4b20637cec3961191de12fd1b169e7c7454580e1de21edafe1c0c865c5d0687ca74ef017e7da413dfd0658c01059a260383893b597b6b2045e548d237a657f729daf1727f16210eddf099e40eb936083d26013c4d7cdb3ff97e32921dd9204ed897879ff755f4f09ce055b6d30f366d2a76a03fc5d1eebfa4de39b8f234c02abbfd47156a1be24d4c9a2eda555fed633fe23910994bc9addd1d85836485ee6bff748bdea2fad2b5986e7969676ed714719b22a1ad27768556771c602d8c11a056243327f678335fa00976ad400d32b35a3823cca47cd83c28eaeaab90cdfadd81290c44345619968c5273bd9c5154d2f5cc463813d0dd96d63b1d5623b4a632021f8d8e03b3c0b6dcaffc2526a7abfc106bb87930ecfe9fcf369959262cddb7dbaee08828b8480add6847a847f931f260ace08bec695bb2658fa8a950970640dccc4ff7609ca245620cb49d35bed3345e3e725ffc72e19d6cc6bd064d8ce8f7b92b7d038d94ac639c4c1319adecce6c5fea63cc4ef4e7cab102a0e9432da67d6757f6e537ae6901a997075df451c9e58c62cada9db5997a04da538a7384c22881986b051229aa0ef14a91ad33be913b4ad3fb35a3d0135bc3337a96c209d2c0233e1e1cc8466dbbf534eaac278343c39b4c1dac7c7d60ecb3a711c9d00efca79bc61a4144d6ae3b1124262189d5e7c32b2e1e4fcb07a4bb1b18b29e07689894d64f3e30b3d6d2acd82e489b894d56aeb9b1a36cf5663ebdf77679722db7906547acb2582d0f62dc231c55d956b5532cd142d6b357d6ec2efde0dbb04c25b94fd5b14683353e797cdf675bd65ec468e80eae8c5aaf0a559aabc3ab04aa8e7097f6546631239284736b8fc3c82cec096d4c01399ae5ac6f9a7fa8d27f76a47488d13efbd239e318c79b168eb1feed53ba00f083506092cebef6e2694f044c58e3c08de539f0bec4676a9ebe5233b99d0f4e82d4b871ed69937d33dcaf7653fd79d2d263f28ba8d0a04c28ea5da5f8670d36c37dd3fea6f6129a2efdecd0e7bdffc0e26177c86ecabd86d2817729bd622c99d4d6a39d0e848b58a6a79ab76841d747b6fcc13a9dcd4d29947219fcee8d1a3008e0eb583a5c3913e48e7617aaedacc2fce999e528c5dec77e23b97f606aea9d7b7956d5054b8bb71db7f6975192d455ed971b09617d688161ae78119108bf0c2bf96a6402c55fb7ecbd8f9af4f67b079c3c800e6fc1324aa7f8c1bc568a8103aedd972e223253aa04e8e9e50a93d50c3c8952432da74d02c7512a68a8a6d525c1bad83b95a57e4743bfef58f53e207650e7f3ed02e820bbab8f9efdd780a71232ede1acd25c313e17a50bef2ca1462acb96524d2e4105ef904d7a9c44c05d54369ea2e7636381b2ed122d8b5c75de552db8a57267b8afa9a18ce24e9add3a628bbcff3d51d8cf87da6cf4fbebd5f3c4f4d9e8dd371d75c5fa43eb5948a38cab32eca0915df98070a42b4423cfaea0485e15a931c5f6416e0e80b5f96b7e88f8d099561756058985e937f3b86c17f6b0b7bcbe3d73405cbfed3f31dc7f24cdf2742d5212be2c988133ffa5d0aa35defe4a5cad3136bf9d8df08846ccf193b02cab0921f64d2dc8b8b41a16894cbbc23db606faa680fe65600fde4faf48377527e2ffe1393f5c953dee879d4021e87c867c44f006b51284d5a32a0ea3b1ed3ccf02ab970e32ad83f456b03a1d7e7f770b887411842155c7b0f1efd1e7e899fd4764567c0ebcc8c0aec20fb42f00dda19c5008d896003b0e9841af011adf0686cee87e19484116af9202e0813ea77e9db857b5bdae01c9436e462ca0ae88fb248699ad5bd636da9aa9a299ca3f46b2766f1f357849620e35a95af1c13c9accd573b632145037d880705beb61adb76b3f6b5a5861c4d2038c6c076051b12a98a1cb876b49bcb20e98f35777f6aa1e566c74ef3567ffeffb462d035dec945db465d7df35b4d78d7fd3820c76afe1ba9e66ad0634ee4acc2bf536dc6d9986f427593da71cdc0fe21ca57328067591321c8d62cf0e0952b697ddf6dc56992e48d0f4987fd6b902dc04ca719322b503aa2ce4c8fb82a9f6cf74e83bed286c90a80f7315d92f9233b6850fcc99ebc4dc7bcda629d0c699a9a5f9cb87ffec786cc5d603635738446e4b7e72425820f7f6490f8cd7b6dc5b1c3071c24b11a1ee58cf5e90d0a639629ffa32f75b13420bdd4fcf15e01cfbfa7a173cba2af72d361f0fa416ad0dc22cebbcf3b122bb888d1db26912032c6bb47c08d77221fd4e29fc8ae1cdcb284995c39d919b66c8fc5c4d871e5d96a5703880da37c4834742c13f5dab01af619fd6b5e9606bea584771ac330e0cc3fd88677adddeddd212c2600b50338747466c4c345045b1ee7ed025f59eead800fa655a4f404edc82b259d2f4b5f00ef1801120b77f4f2901f67237435427cf3ef52d07ffb27982caf9e9efa6a75a498fc22d88f724883d9c4603a1b94c6a3d391cd3c623221bf51faad99b1d13f0f58929b1ffd9063b27aa0f9d2c9a45326c7fb8473ef970c054157c66d4a9d375de8f734dda9db9b466290", @generic="cc8365a1944b7cd93f5c1e3f93ae539f4674d168a3698faa732d7eb7c3aab4c46eca13076b5d6682d16bb8bf2c1bc936c2439280a8135b3f582b86985027e7cc17b18aa2580e5f7978cd0ffe18379aae538bba4f743f1466f5b64d1772d017217f1c40a20d4d9d948b42f19b6dc19840c791871c2f611d8af535e4f39bd746027669faee1afa8211e47eca1c94ec081409e30b66f6c44120c5de942340aa903e14b2274fe36f80100a2b57c2c5fd3168507ca0fae74aa04956f860b9f3199cbaa450e075fb4a068451319cf1a09df8aa5d0a5a7e455e8d3b83fd78f1d16107add299153b4972314b660d431f3f0a8bb757b39daec5", @generic="afe4b31f748216a8ed6b83eca122d349a12a1f0535167ec675c4b5c2338d6eb7418f58e8dd50fc1b5c20d76e740d04290a10e5fdb68a308122cf01487aefa44b39b890dd423c9b2dc6ba110eed6ec51e46754f38b26f0d73c100bf9406ee375f1da743c03339f46eab45e9bc1e34e7b6dac058fd894531081cc187117f301b5863c7541d53f693736659b2b9e3eaa8de176d5804c77e770eb19346ad72b356bceb", @generic="ab5ab0e186eebd76bef94c4ec44226c8976dbe8519c5cc1e68e0dadfa711eafc463c18f5993048e0d36dc24d2643d581e51a1952bdddc4"]}, @typed={0x8, 0x5, 0x0, 0x0, @fd=r3}, @typed={0x9d, 0x30, 0x0, 0x0, @binary="f31b5e94bb77e0446ee087d311294961ba097359d2077240cb3dbd3f37ae461eb14209536c01de58a757353c218281a1e71e21685e778e08e28a41e813751de60d4aa97e1814d75f2c4cfcd38dbe4f6228570388544b32ba64fd7c2a8613df6ef87d6b8fc81ac93c3eebcce13bd4c8f2b6235b0a6dd22d1daa99e6f84365ed5d18c1d5108b13ea56263145915fe86d644e3e516b0a9f488cae"}, @nested={0x1096, 0x8, 0x0, 0x1, [@generic="f686ad7ee25f99b18b587278123588c055e9dbd36385814fddc7045691921f7001ffd9f3dd2c9c75f7f4da7b990d9dd5140d0ed3a725ecc0372b362d26b0834b21f8132a8e38e06e37f14d4c5d8d99d1cd31591079e41a0397113e1d7bb4b684439a997eb2916045c322f6a5931ab9f8055f698f158ab723b299bd1a72daebd99454ac98c0ef51ff4e7b83391956611b48996579de6741e69bf32a5bc1c2b5f3d18daf7a5d5751ae99066e32237cb50b447fde3be4a3de2a41729adafe1a9ab53e5e75284ca0695de985394afaa7ca8c36dc729cf3e3dbd209bdf025fe5468c4f26d90afd4a28e6b2d0a0858c2803dc5db8e68eda3af01cf344a9fd70207fd36e8ccb24f37b831e39b8107ece1fda844e729e48b0cb817e9148325ade088e77061824ba719c5a0605a9f2743deec2e718a5dfdb701865383feaa4b6ca2262748484d68d200ed6441f172494a014da7d3d0316c706bca840303f6f31f28233d8959f0612d1606dd6de3cf68e0fe0a0dd8e86f7a97d45ee9a5ed6d19865e849f557c781c0a8afb401b35302fab8030ba08ac9f63bd9817812e1936a98b55b385cb69cfcb3ec881026a9a1a8273f41703a120b42bbd145072b042547e4e76925c3cdf56a9289d9eac518313790d1ac95857f5750cbc47fde273b1558617a2a2ffffc9585ef33edb01fd3a67347f2ee1dea9ac06e3ae95e1ec37e9451fe0b7efcc3999684cb74fcc0704578995d19166047a606edf91be2f359d72649cd1291fe8742622feac7dc2db72f4825653ca8a22cd68a4e7390431877571e6b31199051d7403ea456a1b4fc4a4ee094994f850455e14bec13e5ae4c1079b461bf99277319e5a7daf4ed0057c0f5b766f0655b0e3937335c4c4b39856bb34e826fa731e7b0fd7c16258c471d4e199c7e8b393fc5ab3628a4cc33077bb77466b5d565b037bdc01c0c9f1f67885b81f66820718ee8453fdc3df4422e2859a7bd838fe27aa9b463bb933de4e749636d339fa11692f8a619b48e5beb255c25feb402eece706a2ecaca10ecdac99fd31ee348f9f6e03bd47992ed23c5a7fc19df064c2f642e3d4b0375b814005e78f863d5877425c6cfb11b878a4305a2ef64877f26393ec2b1c42d8d6962b32288d1f22acaf9679f3ac1f5198bff2905894e530e4a855a8334e143af953bbdb929cb480793e7592d6cbf8026bd8e9191d1ef8ef8ee04b9bf6872d2ac60ef8f68cc75d89a333fcf63bbb18c73f09bc07e7ee919381234f8f3c214415bedcdd8a53f8b15a5c2c05e6a290066cd57964de17f4d28be5338adaba44a301cb5c4db095b9ade990b65ea303d74c0d6d3135bc7a7c89af1386ab2a5578de445ff0f64b0050686ae4b93708358284b6b550083d381983a3edc05995088407dab85370baf370f78f1aecae1ca10f4f8b0f5fa6e52dc7166898c0e453f3cf2716646c9bbe5de95cb873d8b60d4584f564631895917897d2dbbca6eed4b8a9da6861a042cf06807a5cf1ff7d5c448311b8e593de29159b3e75a9c3513878f37577b08cfdcd9156cf4d6464d63687ddfa1b1ea7e99dc8ca86f99f5af5655e1065604f2228b621227681846071b29f70e79b0958cc282c2939c225745c1cdeb0e13bc6ec867fe359e213e9d4eed9b1098ae9fdf7e10f11c969970e6dc50b031693f0b24095b3a2bce3dbd5792cdb1f185961c209b731729c55f4058949d6d4a132cabdbc013a388ad7001e1adb5c0ee8eb130824a48ea1bb855190df2d5584445a46190e15791119b34b8ba05356efbce792277b83e8766bb663ed7048b2987e100f5501551f6ae6e67deb9fd8d3d847cdeaf6a98f7d44f76535f1710061a98bc0ae9842670a27ae6b0cd5cd0f1d5f1a45234e20539791656bba8adde784ff312fb2c7b23f772646897304493255f6bf8ca34aede67d8f2f47340f5ba6ba0b3714569c5eadd02c4e08de71e1b6626070c8de047f7d56ac699969e5174c9ccee249be32358af4b64c4ce571bced50c8fe017afbb87cdf13c889c7bc3e7c2128c644843cb9d374acc549e3d583ff9cd7fc18fec99b5ab2d29bab71bb211423624c43206fbb0043f8d026f927027f8492ed6971d379c4e829c91d58246ea9177e53feaaf0e6aef8865216e17d96c5cfe68ab130bf7dec2c6de3a5987f167a0e9b92bdb2ef742c18a12354461a4b134b8ae48b7e418abdcf9bf495fa0397c92e4cb68b2ddbecf490cead614aef287a35e32d4275ffa07fa024ab5158cc2f6318a267f5fd76beda470789f586a739fa89934ebc3f126d976d3e3daf2134e99c26251ed6f110e5ac4467ebe8ba0cc669eb3f009c786f31f02568ff2ac4855fb66f0b3ad92a7f464f83d727c68a686274911fe09b2e51105ea08ff4c1f5a9c2f566433e76b206f9850e35e315ee2b937503fe22e1622c26569b3e33bfe83dcbe85ead3c5d6721f1517bd5491c2fd12cd4b3934ae84d783ce32c6c32924b6e841e5e3474282f5d5af9a7420bdd072d12475a21083cfba2d1f6c0c1f0e9244f43a1c9e5797b637055318ee950bf7b11abf19927f4f480bca6a69eb5f7175ad06422e8edbcaf493b42c5f65973f4b414def3d81737ca94517f7a954b53fef2291c7efe7a3e735b84141a90b9d7f6ddf8208553d48af91d78faa650b2beede2f6efec9207a45e1240678d025325ba9ac10dbc746df209cd9ba063f03ccc20d92c0d271277ffaf34bbd63b18d4d30b0092957d168a505d274ad2dee1e942e2516850e773c24f9362e1918885e61968c63edc18ec26d0e2c0a0ed76143d7c17254ad24d803a13797ec1d9f683ea471230caf42d49cf761a61e79e48fee46eb201471ec9a296dc081a8203309978b91803085bd4e75c36ee23e8da390d70ccd39a45a9346f20658d78b47546a3850ad3bfa84edf78c6fe7844feca08042a94c27b9d26ce54e66a14633bbce99f6fdbf03e5c4fe9b5d5572e82c3ff2beebf77cc1822bdf6722b16e2bb7a007701e862347b88efeb65892b6e33d9704188745f7075f3732e20e6923de891a51248740705072e0a3b767793229f9dfe3728f7e920bd318a3b082bf81fe5b98f30319d9e161002a6420b40b974afd53a765fc4262bd72ff5ad1f7d804dd3e5251ae56adfc8898a62d97ac27f8fa5d078fec6c2953b9cafdb023d0afdc2f2a54c31dd00253724ecb3bd8c81d78ce8afb1ff5f82140c988f81643883a8a099a836221f25abf91b64bbafe983310b5a2be1a3c08e3aaec2c6fec21825d2e9f51d6de86ff085baff2dbbad329202c7b99e0b1084d644f3118a91ad8db523669a365045dd4d46c493a871da629eceb88da01fe956d101275ec37aae1d29fe878bdcbca66dfa9d7ef92b6a18187b6712848d71c039f1d18683bf2ab9d1de048fdf890aff2ad834db8221e50d5615da12f98f3843c8408b61d56c50f2293226dd5ee262f4909ceb9e349c25635340f68d716434257c859c90402c80a5bd4ab415f9c3f0cb3037bb0324f7b54882aa769dc6cd8c76cca457c1bf7976f5e11e2091d00c5d7b52ec7c30fca96c506f3014ca5d93093d6eaa20fe633114c6358b310b47beebcad4338d149e2e0c97ef88e1cfeb6c86170c6207fc626b4b2f71381694ecebb3678ad9f600ed9edfeae8e8079389e2938225eb07ab04d17b3ce8450c808893958efbcce975be06b7da7d03cf854d397e4e2a4cff480bb17114703fa7e83a91d0b9620fea0530ba97610b5418226f6515c91739cd38c3a35fda397d08e0c7f9d3144644c5912ed29fa27fcf57498da9910e29be9aaf78a8f039f3c12a3e4db679d7b2a430cabd255505c88061a9a05d0d51b4076904c0f292978e6922b20771dc350ddeb918192f18e52ee9b9e8ee6905783f90a831f79726d52f14e75f2f6be0d5ebd3a95fefcab4ed6d7441c02fce4386723b0c3a6187e5757c6850f984ecc33adb0cc1310109742007ef00e0e182354b8efa5e654493db2c146fd6b5b511866c82eb2a9186c445c6f1f1c7bc6465e9792a201593afc8a01df5e5abfa38d61471824b222b98b88f08bdbfd2f4303a92f5110fd881043f6bf05e25a3692e845b9e74d5461badc7605a97a24a02141c3591479cbeaccc2e7caf86dd3d0d3fdd4e84ba9cf4cd657f51916c3b44c17ed20a58eb8a37d61bc0802c57a235f17fdeef6f5c70832e57e98253d8c279b7de6c9fcfa8b4cc8f8d38d4732fc607ed855d047a4b5285632f2a0aaa12f57ba73f79311527df643dd743e9e9c433789871f9692f51746b2a52dda57deb0a26e1ee67afa91576357ecb40bddd2093529fa391c2d4225ed940d686ea38b573f5c15eb81240c0779c015d82af316abc04f9a3d14d66834afe835df9dc5ed68b0d9d8341885310daacea0afdba26e5128397c8c1e03b65a750113c1c19104d09b0088d4213821ba34a865dac7fc493eeca19b31c0567289f2476af10d65a783ff58fd6b59c67007cd2a887f9f6d293ae3637edc783bf6a3e9dac4aac1865988e70c7efd25f7370c148f99ee1bb39d779bccd5414600524d400f5ddd39afd2f2728832afd2d1abc5cb98edfc9fdf39380abb448af2501df93bafc4a259adfc747e976539b261bb4198a49068f0444281ad542a0138d775aec70931076e668b91c7c0641030892eeec23e3d34316993e15487397673e624d4641f3a42146855e813df2fdb0e376dc8c629a33691d78a1d825fd333bee1f1e7a8fb5317568de1a23a4f363a8498df62b7bf61b84cf0c72beeb3c0864177327b93a9cb4bfea279b26d3b2660c47537772e1b298219195799e0234f5517dee8eddd44b90d1cc86b494ceac9be86794628704680a8b3deaca4ff4aaa05d211f522b0d586dccbfe8c35b6a9a9cd741aee07fd14c74ebc90d4a4488a99d0344e1be93ede0b12ee979f8a96dec07e7097215fd55043448c3f822d3905608869ca1f00277675540239595de82bfd17e406d9e9e3f872ac7d521bc05552853a120e1b8a8e6f0c95821717f6cdb5415ab6b780291c38c5390a23d0bef0efbe431736403711a7acd5696ee5bb8cc27e03737e71719d6cf2b7894764c656ec250022b2fc862ef92c53d14306e1d806476655115ff83b767f91b5f2c1193bc16edccd89a016256cdd3c001ba1699a0d9a4b80d2ce95c3806dd719d0abbedc6764428e16ab251b2b739835947086f5f61ed07913d662adf31cd3f023742b98e727de94febde600a6262e7ea1376d8ec78eb28b032f9ff15185627f3a4fb46f3335c7d13a75531910e698efc1717fa4c16ebb085608409194a8c30f37d68c3c320080d4e31113a7405150aa33c381762670ba5ee9c1ec2abfe604c13b743cc157086553eabac3b4a8a33422c6eaf2dcc44fbb31591a201a185d18491f8ea3b3a306976b1904c0287a05fee8dd165347239f9114c2fc1bd00fa44ca49296f066c15d70639177ad11620f4c6575bbe35dcc15e771ddf4853acf621c9823c4a4360207704dcab016f17c8dddf8418498d99fe1af55fc68724462911ea5940cf5f0d3841e21a5b732b4fdd2724f7fb8cf8e0c427279fbdf614ebe52056fbfb202d6c929cdb27b0b7f6e011a7351d1d5be7adf11bc7764617595726e631f45cd26114f5dc039bd7ec339cc9d8414e8ecbcff9593fa4d18b1936e3292ffa2375b5192f4267699f143d5954a91c59b7a711376f5f0970a1b0b915a37e9152f56e8b2dc203c42cc441c82b1b18cb2035d713ad66b147c7031e2b7e88bf76fc5077b238d669483f94d32590e153b4bbfe89a25828421772e8c78da207bce923e7b0a5f68a7b", @typed={0x4, 0x16}, @typed={0x8, 0x8e, 0x0, 0x0, @fd=r5}, @generic="66d6b2b0ee7485f886ddda905328aadf5a9a83c250fc6100fdd2f3b0cccb1af1e2b2727592ef99347e188f2928f63ecb938e502f3ec1949b4b7f93f11f9b493acb187cc9911a8093e034ef53430a83dced15af33068bb18882a0407c6ccbf8580c839936055cf0ce7a45681d2ffc945c8a78e112a3", @generic="e52b840ee6c16da1e6", @typed={0x8, 0x1a, 0x0, 0x0, @u32=0x9}]}, @generic="4d17d2", @generic="336bdc22aeb12d3453ce66aeed3f408dd58146071ec871298afa68adf80b6c29309e18c4a819354e52ede7159a85bc9df6d82540c99bb3d20125a36bd6716e980f5be2adf154ce5c66b7d37f00ff4edb58b8d161252048db15e2cedda3434033dc58732751969e36ef28da898f71f69b913017fafcb5a6f8b9f27a533190f4181b885d162c0169b6224786ea2495502f149c6b008a233d7e773d", @nested={0x172, 0x5d, 0x0, 0x1, [@generic="dcbedd2cf7292623e255b04c43dea4a1e37cdd62d4cfb186d4eb453bbd059a719efa73afee46e3008e3e191d739387", @generic="4877c62951383789aedeea9699fabaf3187686f129bf1b", @generic="cdbbc2199e589c76eba12f2e0b84a0cb4135044e437a2bdc1a6fa2238c6e5c46efa94fe9d216266f6ba204f40378e80e2b2a606d1d350f70f3ce8aade5c1bb746dde1fa440d770a9058adf4b68a6cdf26c38610e4504dc1298665333617a386c05e0a89ec62b63176fa3cae355adeb0026e3575f620377b6da6e0ea99483f9226edd47e8c65a94a4fb4db91de13b77183c6685d5a15195a3a0bb26", @generic="1c3db6e5d5bfc6c6360f9d54c1c2da2c768b5e35bd8a5804dd7ea8cb5ab5c508005a452aa76c28fefaa6610773308e01530fe7b9447a53946a51e7cc558e61653f6de69d6035f5614a6f11ef43b5f33e0be43764753a6f91a93711fba769c861b2a41db62a274ae931d90a223ca9530d53", @typed={0x8, 0x5a, 0x0, 0x0, @uid=0xee00}, @typed={0x14, 0x2a, 0x0, 0x0, @ipv6=@local}]}, @nested={0x64, 0x8a, 0x0, 0x1, [@typed={0x34, 0x15, 0x0, 0x0, @binary="d83a3ffcb3b632f3a87de20fc5a602a47e43fad7db836a862b3e8e4e8cf07bb4bcdf60af394b86fcada448288e5acbfb"}, @typed={0x8, 0x0, 0x0, 0x0, @ipv4=@private=0xa010102}, @typed={0xf, 0x8c, 0x0, 0x0, @str='/dev/nvram\x00'}, @typed={0x8, 0x4c, 0x0, 0x0, @fd=r6}, @typed={0xc, 0x42, 0x0, 0x0, @u64=0x6}]}]}, 0x26dc}], 0x3, 0x0, 0x0, 0x20004014}, 0x4000000) 09:39:03 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x87000) 09:39:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x38000000, 0x1) [ 3171.077609] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3171.129344] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:03 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2d000000, 0x1) 09:39:03 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3171.246094] loop2: detected capacity change from 0 to 256 [ 3171.258982] FAT-fs (loop2): bogus number of reserved sectors [ 3171.259468] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3171.283005] loop6: detected capacity change from 0 to 256 09:39:03 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7) 09:39:03 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3171.326560] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:03 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2e000000, 0x1) [ 3171.562647] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3171.585588] loop2: detected capacity change from 0 to 256 [ 3171.599963] FAT-fs (loop2): bogus number of reserved sectors [ 3171.600838] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3171.602233] loop0: detected capacity change from 0 to 256 [ 3171.623098] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3171.705064] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:13 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8) 09:39:13 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x2) 09:39:13 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2f000000, 0x1) 09:39:13 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:39:13 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x39020000, 0x1) 09:39:13 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0) sendfile(r2, r3, 0x0, 0x80000) lsetxattr$trusted_overlay_upper(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), &(0x7f0000000280)={0x0, 0xfb, 0x7b, 0x4, 0x0, "56415c6c55df78421e11e2d497bd5db1", "a3df336980d14a2f9cf910b15cf4b1ae2ce7db5f410c17030fb73a4d19007ec2ecfd03754ccdeb64da48db30c907827f369995fa18fad60bfe8065c205dec30fe92cf62502533b7e8a62f03599b0d9401163e8700861f45be01e4c74e9ab008dafbf2897d5ea"}, 0x7b, 0x1) fcntl$setlease(r2, 0x400, 0x2) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r5, 0x0, 0x80000) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{0x5, 0x3, 0x3f, 0x81}, {0x0, 0x3f, 0x2b, 0xff}, {0x7357, 0x3, 0x9, 0x5}, {0x4, 0x9, 0x4, 0x6}, {0x6, 0x7, 0x9}]}) 09:39:13 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x870b3) 09:39:13 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x3) [ 3181.155587] loop6: detected capacity change from 0 to 256 [ 3181.156776] loop2: detected capacity change from 0 to 256 [ 3181.161232] loop0: detected capacity change from 0 to 256 [ 3181.188086] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3181.193106] FAT-fs (loop2): bogus number of reserved sectors [ 3181.194178] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3181.204163] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:13 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x3) 09:39:13 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3181.410620] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:13 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x30000000, 0x1) [ 3181.444444] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:13 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x102) 09:39:13 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x6) 09:39:13 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3b9ac9ff, 0x1) [ 3181.519212] loop2: detected capacity change from 0 to 256 [ 3181.529043] FAT-fs (loop2): bogus number of reserved sectors [ 3181.530037] FAT-fs (loop2): Can't find a valid FAT filesystem 09:39:14 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:39:14 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x31000000, 0x1) 09:39:14 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x87e00) 09:39:14 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x6) [ 3181.734791] loop6: detected capacity change from 0 to 256 [ 3181.759814] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3181.775493] loop2: detected capacity change from 0 to 256 [ 3181.820117] FAT-fs (loop2): bogus number of reserved sectors [ 3181.821001] FAT-fs (loop2): Can't find a valid FAT filesystem 09:39:26 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x87f00) 09:39:26 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7) 09:39:26 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x32000000, 0x1) 09:39:26 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7) 09:39:26 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x321) 09:39:26 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x3f000000, 0x1) 09:39:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:39:26 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0002}]}) flistxattr(r0, &(0x7f0000000580)=""/137, 0x89) r1 = creat(&(0x7f00000003c0)='./file1\x00', 0x0) r2 = openat2(r1, &(0x7f0000000200)='./file1\x00', &(0x7f0000000240)={0xd41a40, 0x19a, 0x1}, 0x18) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000380)={r3, 0x3, r0, 0x1a, 0x80000}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x1000, 0x5, 0x5, 0x7ff}]}) r4 = eventfd2(0x800, 0x800) writev(r4, &(0x7f00000004c0)=[{&(0x7f0000000000)="b86f329f7104d352b8c03f042eb68a9b7fb372bf6a363202287c7493ac4c002e0b6688f970e7a536376e8c98a1", 0xfffffffffffffdc9}, {&(0x7f0000000080)="0bf1d491682e8c8fd2ab167b8e69bd3c31dbea145606f27e74d30a9304f1f8542efdcb0c81617f3f848a114977c90f290ea7dc77734cc04089a4cc62", 0x3c}, {&(0x7f0000000100)="c303ef35b0ccbe525730c32b838eeca196bfc2a7ec21", 0x16}, {&(0x7f0000000140)="3f8d6318f092c85c46a326fe1b0108cce5ff5430", 0x55}, {&(0x7f0000000640)="92f5c94033e20173b55070fcdd03defebe0bbaae33e9385f36ada24a3d7430097c817226e81945493a424738244a1b42d1a8a726a30a64ee05ca1ba4f4f32b4a5a45c51aef817d6e12c840beb4d9c3b004e97118e34b247ff05b5c251bb94cb6fe173964116e707004403f68fb5444615a0f887609ad46deee8dd21532ee4ad31e8b8e367713d257bcfb5a2704344423e3093fdf672cf8f6415d99f40412993e97a43aa23feb89c70fda8cfccb4cc48c13d596d3e9f028d4db9b823d48c1a675767630c8faea", 0xc6}, {&(0x7f0000000280)="b4696e29cbcd0a6c96638754b9915ea21521622a13ea4abaa23759b68117eeee50407488783f9bce7d9a22e8f838b650cc7ada7d196e54b55a4a1973cc0665e214c1301e37b44dfd2c8ac4582db80c72", 0x50}, {&(0x7f0000000300)="02bcc6ede7ea02dfb18625b7e9989ed8e3ed4e711ae069e32e490ea029588ebb21cf4ba8f191d13ffc8d09b8baea397a9eb99f", 0x33}, {&(0x7f0000000400)="0de2419ff25762aabd0f47e6957edf35f5b5553889936ad62d65db310a78a51e9eb719f443c7b790863b06d99cad71855887f3a683b2997845cb78247a3e1524102dd00159205a3236913cd213a299af38a217aba74fd22217b334017d3467f0c476e97d751c06242cdaa469e2f14582073545eec47b8d9cda876cfe4c42f529e9ef33301cfecdcc28fd1a76ccfb16d21e", 0x91}, {&(0x7f0000000340)="5fc89511a2b9030c3d2756ab77c9c1e4057d223067bc03f1367bcca967af78eeeab72b24d70ddf6e11c282b325579ad44c45e96d250aa7e747de5ba4", 0x3c}], 0x9) ftruncate(r1, 0x0) [ 3194.467577] loop2: detected capacity change from 0 to 256 [ 3194.499756] loop6: detected capacity change from 0 to 256 [ 3194.524793] FAT-fs (loop2): bogus number of reserved sectors [ 3194.525360] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3194.525929] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3194.542325] loop0: detected capacity change from 0 to 256 [ 3194.575229] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3194.584377] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:27 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x80040000, 0x1) 09:39:27 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}, {0x995e, 0x0, 0xfc, 0x20}, {0x9, 0x7, 0x8, 0x80000000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r0, 0x0) getpeername(r0, &(0x7f0000000100), &(0x7f0000000000)=0x80) 09:39:27 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x4000) [ 3194.667440] loop6: detected capacity change from 0 to 256 09:39:27 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b30008082000040000", 0x13}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) [ 3194.771500] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3194.785177] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3194.861663] loop2: detected capacity change from 0 to 256 [ 3194.885007] FAT-fs (loop2): invalid media value (0x00) [ 3194.885802] FAT-fs (loop2): Can't find a valid FAT filesystem 09:39:41 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b30008082000040000", 0x13}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:39:41 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x33000000, 0x1) 09:39:41 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8) 09:39:41 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8) 09:39:41 executing program 4: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x87fb3) 09:39:41 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0xa890) 09:39:41 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ftruncate(r1, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './file0', [{}, {0x20, 'pcr'}], 0xa, "1656ab8b07cee7c4e61c93862e490253029e52bcd5570864ed1301cf5daed2117f122cb0cd80c8c27b62ba986c3a3ee174ecc00daed49ed628db892994dbe86ac9951a0c5f1421ac901dac6d4d9c81214ec0a41f94fc33a09434bcc596a7f68c9680fddc7facc0f7431b44afec3af10223e04a09191f6694e64486b98c8a57afaf90a6c471fc08be274c601fc876628a4c53b936029d3efce2cfedd34a22cb3eaf18fc66b32ef3de8450dd898a38c3c99fdc81c53da6262bb3163e737419d47669a2cd4ab6313276eb604f7dac0e34"}, 0xdf) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000200)=0x8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x1000c90, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache}, {@cache_none}, {@access_client}, {@access_uid={'access', 0x3d, 0xee00}}, {@loose}], [{@pcr={'pcr', 0x3d, 0x13}}]}}) 09:39:41 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8cffffff, 0x1) [ 3208.977079] loop2: detected capacity change from 0 to 256 [ 3208.981442] loop0: detected capacity change from 0 to 256 [ 3208.992315] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3208.993784] FAT-fs (loop2): invalid media value (0x00) [ 3208.994433] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3209.025402] loop6: detected capacity change from 0 to 256 [ 3209.069073] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3209.075914] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:39:41 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x38000000, 0x1) 09:39:41 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b30008082000040000", 0x13}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x1) 09:39:41 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x102) 09:39:41 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0x1}], 0x1, 0x7ffff, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x18d101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r1, r2, 0x0, 0x102) [ 3209.227067] loop0: detected capacity change from 0 to 256 [ 3209.244603] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 3209.260004] loop2: detected capacity change from 0 to 256 [ 3209.279256] FAT-fs (loop2): invalid media value (0x00) [ 3209.280445] FAT-fs (loop2): Can't find a valid FAT filesystem [ 3209.317825] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) VM DIAGNOSIS: 09:44:50 Registers: info registers vcpu 0 RAX=00000000008cd189 RBX=0000000000000000 RCX=ffffffff84b7e987 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff814c6a64 RBP=dffffc0000000000 RSP=ffffffff85a07e00 R8 =0000000000000001 R9 =ffffed100d9c630a R10=ffff88806ce31853 R11=0000000000000001 R12=ffffffff86438750 R13=1ffffffff0b40fc7 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84b7d6be RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e55f3000 00000000 00000000 LDT=0000 fffffe6d00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055d50dc09618 CR3=000000001dad9000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=007e02fe016c6c6f502e726567616e61 XMM02=00000000000000004104a3c000000000 XMM03=0000020602060606060701424bac9bfc XMM04=039aff33007c02fe016c6c6f502e7265 XMM05=937ab6fc6b1d063afc49b0f398fc0701 XMM06=f209c0f2fc41704edefc38b942b6fce9 XMM07=0000020602060606060701424bac9bfc XMM08=726f74756365786511006c61746f7420 XMM09=20636578650800737472617473657220 XMM10=65676169727420636578650b006e6567 XMM11=78650900736465657320636578650a00 XMM12=616320636578650e007a7a7566206365 XMM13=696d20636578650d006574616469646e XMM14=616d7320636578650a00657a696d696e XMM15=000073746e696820636578650a006873 info registers vcpu 1 RAX=0000000000e8202f RBX=0000000000000001 RCX=ffffffff84b7e987 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff814c6a64 RBP=dffffc0000000000 RSP=ffff888009717e58 R8 =0000000000000001 R9 =ffffed100d9e630a R10=ffff88806cf31853 R11=0000000000000001 R12=ffffffff86438750 R13=1ffff110012e2fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84b7d6be RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e56f3000 00000000 00000000 LDT=0000 fffffe4f00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f0218b81010 CR3=000000000cbd7000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=7465677261742e79636e656772656d65 XMM02=ffffffffffffff0f0e0d0c0b0a090807 XMM03=00000000000000210065636976726573 XMM04=40404040404040404040404040404040 XMM05=5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a XMM06=20202020202020202020202020202020 XMM07=00000000000000000000000000000000 XMM08=732f6563696c732e6d65747379732f3a XMM09=00000000000000000000000000000000 XMM10=00000000000000000000200000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000