0x0) syz_io_uring_submit(r4, r1, &(0x7f0000001240)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x1, 0x6000, @fd_index=0x2, 0xba, 0x0, 0x0, 0x19, 0x1, {0x2, r11}}, 0x0) 19:25:04 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 787.545828] loop3: detected capacity change from 0 to 96 [ 787.569371] loop4: detected capacity change from 0 to 96 [ 787.578225] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 787.578681] FAT-fs (loop4): Filesystem has been set read-only [ 800.972820] loop4: detected capacity change from 0 to 96 [ 800.979969] loop3: detected capacity change from 0 to 96 [ 800.984927] FAULT_INJECTION: forcing a failure. [ 800.984927] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 800.985774] CPU: 1 PID: 6471 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1 [ 800.986303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 800.986834] Call Trace: [ 800.987012] [ 800.987170] dump_stack_lvl+0xc1/0xf0 [ 800.987445] should_fail_ex+0x4b4/0x5b0 [ 800.987734] _copy_from_user+0x2e/0x180 [ 800.988009] copy_msghdr_from_user+0x89/0x150 [ 800.988333] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 800.988693] ? __pfx___lock_acquire+0x10/0x10 [ 800.989010] ? lock_acquire+0x19a/0x4c0 [ 800.989297] ? find_held_lock+0x2c/0x110 [ 800.989577] ? get_pid_task+0xec/0x250 [ 800.989857] ___sys_sendmsg+0xdd/0x1b0 [ 800.990133] ? __pfx____sys_sendmsg+0x10/0x10 [ 800.990448] ? __fget_files+0x24e/0x480 [ 800.990723] ? lock_release+0x1e3/0x680 [ 800.991012] ? __pfx_lock_release+0x10/0x10 [ 800.991317] ? lock_release+0x1e3/0x680 [ 800.991608] ? __fget_files+0x270/0x480 [ 800.991888] ? __fget_light+0xe5/0x280 [ 800.992159] __sys_sendmsg+0xf7/0x1d0 [ 800.992439] ? __pfx___sys_sendmsg+0x10/0x10 [ 800.992752] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 800.993149] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 800.993545] ? fput+0x2f/0x1a0 [ 800.993784] ? ksys_write+0x1a7/0x260 [ 800.994053] ? __pfx_ksys_write+0x10/0x10 [ 800.994347] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 800.994706] ? syscall_enter_from_user_mode+0x21/0x50 [ 800.995070] do_syscall_64+0x3f/0x90 [ 800.995329] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 800.995679] RIP: 0033:0x7f1a6ffd1b19 [ 800.995932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 800.997134] RSP: 002b:00007f1a6d547188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 800.997634] RAX: ffffffffffffffda RBX: 00007f1a700e4f60 RCX: 00007f1a6ffd1b19 [ 800.998100] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 800.998569] RBP: 00007f1a6d5471d0 R08: 0000000000000000 R09: 0000000000000000 [ 800.999036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 800.999500] R13: 00007ffd0695353f R14: 00007f1a6d547300 R15: 0000000000022000 [ 800.999978] 19:25:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 1) 19:25:17 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7", 0x57, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:17 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$iso9660(0x0, &(0x7f0000000240)='./file1\x00', 0x80, 0x0, 0x0, 0x140001, &(0x7f0000000100)={[{@cruft}, {@utf8}, {@mode={'mode', 0x3d, 0x1}}, {@unhide}, {@dmode={'dmode', 0x3d, 0x7ff}}, {@iocharset={'iocharset', 0x3d, 'cp860'}}], [{@uid_lt={'uid<', 0xee01}}, {@func={'func', 0x3d, 'PATH_CHECK'}}]}) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = clone3(&(0x7f00000001c0)={0x1a3363500, &(0x7f0000000180), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = getpgid(r2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r4, &(0x7f0000000200)='E', 0x140000) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1f, 0x2, 0x4, 0x3, 0x0, 0x7, 0x40000, 0x6, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffa, 0x5, @perf_config_ext={0x8, 0x100000000}, 0x10, 0x744e47c4, 0x1, 0x17, 0x8001, 0x6, 0xe79, 0x0, 0x401, 0x0, 0x100000000}, r3, 0xc, r4, 0x8) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x1, 0x0, 0x7, 0x81, 0x0, 0x4, 0x4, 0x5, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_config_ext={0xfff, 0x9d1}, 0x181dc, 0x1, 0x5, 0x2, 0x80000001, 0x52e, 0x8, 0x0, 0x1, 0x0, 0x4}, r3, 0x9, r1, 0x9) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000003c0)=0x0) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0xff, 0xff, 0x3, 0xfe, 0x0, 0x400, 0x8a00, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x2, @perf_config_ext={0x2, 0x4}, 0xa80, 0x8, 0x3, 0x3, 0x9, 0x9, 0x8001, 0x0, 0x40c76e64, 0x0, 0x4}, r5, 0xffffffffffffffff, r4, 0x8) rename(&(0x7f0000000300)='./file1\x00', &(0x7f0000000580)='./file1/file0\x00') ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x77c8}}, './file1/file0\x00'}) r7 = syz_open_dev$vcsu(&(0x7f00000004c0), 0x0, 0x201) perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x52, 0x0, 0x7f, 0x3, 0x0, 0xffff, 0x8000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf6, 0x2, @perf_bp={&(0x7f0000000400), 0x8}, 0x2000, 0x4, 0x3f, 0x8, 0x8001, 0x84c, 0x0, 0x0, 0x4, 0x0, 0x5}, r5, 0x7, r7, 0x3) openat(r6, &(0x7f0000000040)='./file1/file0\x00', 0x40000, 0x81) 19:25:17 executing program 5: r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="c51bf717d32af1d147d435ef77cc60627f152277", 0x14, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) r2 = request_key(&(0x7f00000004c0)='user\x00', &(0x7f0000000500)={'syz', 0x0}, &(0x7f0000000540)='e355a76a11a1be18', r1) r3 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r4 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r3) keyctl$KEYCTL_MOVE(0x1e, r4, r3, r4, 0x0) r5 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r6 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r5) r7 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, r3) add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000100)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "e9b5522ef670193625d6e8a3480e03832f4f57749b5b2fd7cfd1b6d7ccfaa17f8c5fc9038e82bca012554c79604a0b21978fc23cd608d3ce208e9855bd7b0bc0", 0x3a}, 0x48, r7) keyctl$KEYCTL_MOVE(0x1e, r6, r5, r6, 0x0) keyctl$KEYCTL_MOVE(0x1e, r0, r4, r6, 0x1) r8 = syz_io_uring_setup(0x66d, &(0x7f00000001c0)={0x0, 0xac04}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r9 = epoll_create(0x4) r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r10, &(0x7f0000000140)) r11 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000640)={'syz', 0x1}, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, r11, 0x0, r11, 0x0) keyctl$KEYCTL_MOVE(0x1e, r5, 0x0, r2, 0x0) dup2(r8, r9) 19:25:17 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x4000000000000000, 0x3) 19:25:17 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:17 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:17 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 801.005875] loop2: detected capacity change from 0 to 96 [ 801.018857] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 801.019368] FAT-fs (loop3): Filesystem has been set read-only 19:25:17 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 2) [ 801.095729] FAULT_INJECTION: forcing a failure. [ 801.095729] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 801.096615] CPU: 1 PID: 6480 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1 [ 801.097162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 801.097714] Call Trace: [ 801.097894] [ 801.098055] dump_stack_lvl+0xc1/0xf0 [ 801.098329] should_fail_ex+0x4b4/0x5b0 [ 801.098626] _copy_from_user+0x2e/0x180 [ 801.098904] __import_iovec+0x50d/0x810 [ 801.099191] import_iovec+0x87/0xb0 [ 801.099454] copy_msghdr_from_user+0xed/0x150 [ 801.099778] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 801.100134] ? find_held_lock+0x2c/0x110 [ 801.100450] ? get_pid_task+0xec/0x250 [ 801.100734] ___sys_sendmsg+0xdd/0x1b0 [ 801.101019] ? __pfx____sys_sendmsg+0x10/0x10 [ 801.101344] ? __fget_files+0x24e/0x480 [ 801.101625] ? lock_release+0x1e3/0x680 [ 801.101912] ? __pfx_lock_release+0x10/0x10 [ 801.102222] ? lock_release+0x1e3/0x680 [ 801.102514] ? __fget_files+0x270/0x480 [ 801.102805] ? __fget_light+0xe5/0x280 [ 801.103083] __sys_sendmsg+0xf7/0x1d0 [ 801.103361] ? __pfx___sys_sendmsg+0x10/0x10 [ 801.103682] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 801.104085] ? fput+0x2f/0x1a0 [ 801.104341] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 801.104711] ? syscall_enter_from_user_mode+0x21/0x50 [ 801.105084] do_syscall_64+0x3f/0x90 [ 801.105349] entry_SYSCALL_64_after_hwframe+0x72/0xdc 19:25:17 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x8400000000000000, 0x3) [ 801.105814] RIP: 0033:0x7f1a6ffd1b19 [ 801.106108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 801.107300] RSP: 002b:00007f1a6d547188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 801.107817] RAX: ffffffffffffffda RBX: 00007f1a700e4f60 RCX: 00007f1a6ffd1b19 [ 801.108298] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 801.108787] RBP: 00007f1a6d5471d0 R08: 0000000000000000 R09: 0000000000000000 [ 801.109260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 801.109735] R13: 00007ffd0695353f R14: 00007f1a6d547300 R15: 0000000000022000 [ 801.110226] [ 801.111247] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 801.111730] FAT-fs (loop4): Filesystem has been set read-only 19:25:17 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:17 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4842, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x141042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="02", 0x1}], 0x1, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ftruncate(r1, 0x10000) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) getdents(r0, &(0x7f0000000040)=""/70, 0x46) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004b3c0)) r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000000)={0x0, r1}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000300)) [ 801.188450] loop4: detected capacity change from 0 to 96 [ 801.193605] loop3: detected capacity change from 0 to 96 [ 801.209065] FAT-fs (loop4): invalid media value (0x00) [ 801.209739] FAT-fs (loop4): Can't find a valid FAT filesystem [ 801.209933] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 801.210997] FAT-fs (loop3): Filesystem has been set read-only 19:25:32 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xcaca, 0x10, 0x3}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:25:32 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4842, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x141042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="02", 0x1}], 0x1, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ftruncate(r1, 0x10000) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) getdents(r0, &(0x7f0000000040)=""/70, 0x46) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004b3c0)) r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000000)={0x0, r1}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000300)) 19:25:32 executing program 6: r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="c51bf717d32af1d147d435ef77cc60627f152277", 0x14, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) r2 = request_key(&(0x7f00000004c0)='user\x00', &(0x7f0000000500)={'syz', 0x0}, &(0x7f0000000540)='e355a76a11a1be18', r1) r3 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r4 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r3) keyctl$KEYCTL_MOVE(0x1e, r4, r3, r4, 0x0) r5 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r6 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r5) r7 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, r3) add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000100)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "e9b5522ef670193625d6e8a3480e03832f4f57749b5b2fd7cfd1b6d7ccfaa17f8c5fc9038e82bca012554c79604a0b21978fc23cd608d3ce208e9855bd7b0bc0", 0x3a}, 0x48, r7) keyctl$KEYCTL_MOVE(0x1e, r6, r5, r6, 0x0) keyctl$KEYCTL_MOVE(0x1e, r0, r4, r6, 0x1) r8 = syz_io_uring_setup(0x66d, &(0x7f00000001c0)={0x0, 0xac04}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r9 = epoll_create(0x4) r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r10, &(0x7f0000000140)) r11 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000640)={'syz', 0x1}, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, r11, 0x0, r11, 0x0) keyctl$KEYCTL_MOVE(0x1e, r5, 0x0, r2, 0x0) dup2(r8, r9) 19:25:32 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x8500000000000000, 0x3) 19:25:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:32 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 3) [ 815.607768] loop4: detected capacity change from 0 to 96 [ 815.608302] loop3: detected capacity change from 0 to 96 [ 815.613790] FAULT_INJECTION: forcing a failure. [ 815.613790] name failslab, interval 1, probability 0, space 0, times 1 [ 815.614655] CPU: 1 PID: 6512 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1 [ 815.615195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 815.615737] Call Trace: [ 815.615921] [ 815.616084] dump_stack_lvl+0xc1/0xf0 [ 815.616355] should_fail_ex+0x4b4/0x5b0 [ 815.616660] ? __alloc_skb+0x28c/0x330 [ 815.616937] should_failslab+0x9/0x20 [ 815.617202] kmem_cache_alloc_node+0x5d/0x3a0 [ 815.617526] __alloc_skb+0x28c/0x330 [ 815.617792] ? __pfx___alloc_skb+0x10/0x10 [ 815.618099] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 815.618472] netlink_sendmsg+0x9ac/0xe40 [ 815.618764] ? __pfx_netlink_sendmsg+0x10/0x10 [ 815.619099] ? __pfx_netlink_sendmsg+0x10/0x10 [ 815.619421] sock_sendmsg+0x1b6/0x200 [ 815.619684] ____sys_sendmsg+0x74e/0x980 [ 815.619968] ? copy_msghdr_from_user+0xfc/0x150 [ 815.620294] ? __pfx_____sys_sendmsg+0x10/0x10 [ 815.620626] ? find_held_lock+0x2c/0x110 [ 815.620910] ? get_pid_task+0xec/0x250 [ 815.621189] ___sys_sendmsg+0x110/0x1b0 [ 815.621470] ? __pfx____sys_sendmsg+0x10/0x10 [ 815.621779] ? __fget_files+0x24e/0x480 [ 815.622054] ? __pfx_lock_release+0x10/0x10 [ 815.622355] ? lock_release+0x1e3/0x680 [ 815.622645] ? __fget_files+0x270/0x480 [ 815.622926] ? __fget_light+0xe5/0x280 [ 815.623195] __sys_sendmsg+0xf7/0x1d0 [ 815.623467] ? __pfx___sys_sendmsg+0x10/0x10 [ 815.623794] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 815.624155] ? syscall_enter_from_user_mode+0x21/0x50 [ 815.624531] do_syscall_64+0x3f/0x90 [ 815.624792] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 815.625147] RIP: 0033:0x7f1a6ffd1b19 [ 815.625400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 815.626579] RSP: 002b:00007f1a6d547188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 815.627294] RAX: ffffffffffffffda RBX: 00007f1a700e4f60 RCX: 00007f1a6ffd1b19 [ 815.627764] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 815.628237] RBP: 00007f1a6d5471d0 R08: 0000000000000000 R09: 0000000000000000 [ 815.628716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 815.629191] R13: 00007ffd0695353f R14: 00007f1a6d547300 R15: 0000000000022000 [ 815.629677] [ 815.635247] FAT-fs (loop4): invalid media value (0x00) [ 815.635662] FAT-fs (loop4): Can't find a valid FAT filesystem [ 815.636546] loop2: detected capacity change from 0 to 96 [ 815.656659] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 815.657575] FAT-fs (loop3): Filesystem has been set read-only 19:25:32 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xffffff1f00000000, 0x3) 19:25:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 815.668623] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 815.669509] FAT-fs (loop2): Filesystem has been set read-only [ 815.714456] loop4: detected capacity change from 0 to 96 [ 815.721062] FAT-fs (loop4): invalid media value (0x00) [ 815.721433] FAT-fs (loop4): Can't find a valid FAT filesystem 19:25:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 4) 19:25:32 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:32 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xffffff7f00000000, 0x3) 19:25:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251030000000000416600", 0x63, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:32 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)) dup2(r0, r1) 19:25:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 815.792368] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 815.822238] loop4: detected capacity change from 0 to 96 [ 815.850240] loop2: detected capacity change from 0 to 96 [ 815.853090] loop3: detected capacity change from 0 to 96 [ 815.874613] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 815.875520] FAT-fs (loop2): Filesystem has been set read-only 19:25:43 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:43 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xffffffff00000000, 0x3) 19:25:43 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:43 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) signalfd4(r1, &(0x7f0000000000)={[0x2]}, 0x8, 0x80000) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:25:43 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4842, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x141042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="02", 0x1}], 0x1, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ftruncate(r1, 0x10000) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) getdents(r0, &(0x7f0000000040)=""/70, 0x46) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004b3c0)) r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000000)={0x0, r1}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000300)) 19:25:43 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:43 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r5, 0x5) readv(r5, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r7, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x110, r6, 0x0, 0x70bd29, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x17e}, {0x6}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8}, {0x6}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x3}, {0x6, 0x16, 0x6}, {0x5}}]}, 0x110}}, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r5, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x80, r6, 0x300, 0x70bd29, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x7}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x1b6a}, {0x6, 0x11, 0x7}}]}, 0x80}, 0x1, 0x0, 0x0, 0x40800}, 0x44880) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x1c, r1, 0x3ab, 0x0, 0x0, {{0x32}, {@void, @val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0) 19:25:43 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 5) [ 826.879964] loop3: detected capacity change from 0 to 96 [ 826.882973] loop4: detected capacity change from 0 to 96 [ 826.895498] loop2: detected capacity change from 0 to 96 [ 826.899905] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 826.900403] FAT-fs (loop3): Filesystem has been set read-only [ 826.910365] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 826.910844] FAT-fs (loop2): Filesystem has been set read-only 19:25:43 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xfffffffffffff000, 0x3) 19:25:43 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 6) 19:25:43 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:43 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 826.989140] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:25:43 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 827.011805] loop3: detected capacity change from 0 to 96 [ 827.023969] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 827.024464] FAT-fs (loop3): Filesystem has been set read-only 19:25:43 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 7) 19:25:43 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x2) 19:25:43 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000280)) syz_io_uring_setup(0x9, &(0x7f00000007c0)={0x0, 0xb7a7, 0x20, 0x3, 0x189, 0x0, r0}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000840), &(0x7f0000000880)) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x309100, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x300000c, 0x10, r1, 0x0) r2 = epoll_create(0x4) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) syz_io_uring_setup(0x1b3b, &(0x7f0000000640)={0x0, 0x69a3, 0x10, 0x1, 0x7e}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000006c0), &(0x7f0000000700)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) r4 = dup2(r2, 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f0000000740)={{0x1, 0x1, 0x18, r3, {0xd9d}}, './file0\x00'}) r6 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) fsmount(r6, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000780)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r6, @ANYBLOB="00f29a1920696c662d03"]) io_uring_register$IORING_UNREGISTER_BUFFERS(r4, 0x1, 0x0, 0x0) vmsplice(r0, &(0x7f00000005c0)=[{&(0x7f0000000000)="ab00bdaaaed4caa56f8d039e24526d270950d2e6c5dbbfd0030f3de54b7253a3f21db6db3f495a22f48d34e2241707e4", 0x30}, {&(0x7f0000000040)="6b76870efcbc85d3aafc96a00f0fc2c31f0efb5cc8b4543acc80efd2861393b671cb082d6bf46fed9ff754e5b76642cce941e1d47c8894a989e7a8be22549a1446197b4c78869321dd493cd068fa8b3589f42607c796c2fd1dd58673e5e3839ad142647a51c7146d9bc1da2b8ea22b0c109f0146789485d2acb020b862713101507ca6638f61d81c", 0x88}, {&(0x7f00000002c0)="8bcbd503a09d8ac564c66674537b26f75ff7835f5c81f9a7a8f777fbd5ccb9a6d36d75a9c824323e71aeecbbaf3c97a3c8078a4fe15ac78eef0a6924c46a3079894fc8d41d8f6081775a20a38522f4786a650a063be86c743665c1cfed9fdfdad6081cabab51a97719b4d657f38a0f5c604fa75b398f359dd226e2335cf34e", 0x7f}, {&(0x7f0000000340)="4c5f3e814d339f627445be92b11e26673cb58dcb36a0aea52e980ad762d0c4bd21723be30562f73c8156e663c0e466afec34ae518bc48a6443b74802d6d9da837f8c549fddc47c95583984538085ed3c117b8065f91088c905bee3bb14b9bcd94fca762816", 0x65}, {&(0x7f00000003c0)="3b0d18a8c8dc854350055af2fb97cf01848f084db5fd0a9bcdc56f41c94991821828315dab795865a29e6818ebae1a6b1de8a23405c7ab900230bfede984f408497b73ebfb98293600fd7f68c8448dd6e0443c4a9ed70fbef572010d3f05597e7633655afbff01d8466fabb798c01a3a8924020d2a98c28437202836a6c6a8b94b1440283b53be5e43886fcc731091aedbc705ec002b0aa88060beca592d890f9fd56b26eaae633fab6d453d7d89bf2b3a78e33122c64fd168fa603ca000461e3231372e29d0f7cd0ef45800bec432fa4cbe", 0xd2}, {&(0x7f00000004c0)="138858cca310ee9ae5e77ef278996c19debdd84807f7cb27ebc1391b2be480ea2195fcfed49b8f6156d83d1e408a63abe63fcf6d063b41314327174128ac10fcad93eb851cee9bd3d01357952d19f0f574205e35e20c88bc15c218163a057a997ce153f0d7275c3ef375b12e1b0678ba79ac8f149c01015163d5bb1cb71634c62727cb620c0d1f690ebd225bb3f1ec6b573a81f0f7c27eb3a394ba5693afadd987cad6dce70d357dfc8680aedd9f28058a9046e394a221de4fbe1fb520e1facf0ec133070bada20ae5bf7e6a8b049d90c83394f861ba", 0xd6}], 0x6, 0x8) dup2(r0, r2) [ 827.043452] loop4: detected capacity change from 0 to 96 19:25:43 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 827.094936] FAULT_INJECTION: forcing a failure. [ 827.094936] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 827.095827] CPU: 1 PID: 6582 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1 [ 827.096369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 827.096929] Call Trace: [ 827.097119] [ 827.097282] dump_stack_lvl+0xc1/0xf0 [ 827.097566] should_fail_ex+0x4b4/0x5b0 [ 827.097862] copyin+0x19/0x120 [ 827.098111] _copy_from_iter+0x1d6/0x1140 [ 827.098406] ? __build_skb_around+0x276/0x3a0 [ 827.098721] ? __pfx__copy_from_iter+0x10/0x10 [ 827.099038] ? __pfx___alloc_skb+0x10/0x10 [ 827.099331] ? __netlink_dump_start+0x830/0x910 [ 827.099658] ? __virt_addr_valid+0x102/0x340 [ 827.099967] ? __check_object_size+0x3e4/0x860 [ 827.100289] netlink_sendmsg+0x880/0xe40 [ 827.100582] ? __pfx_netlink_sendmsg+0x10/0x10 [ 827.100919] ? __pfx_netlink_sendmsg+0x10/0x10 [ 827.101243] sock_sendmsg+0x1b6/0x200 [ 827.101518] ____sys_sendmsg+0x74e/0x980 [ 827.101801] ? copy_msghdr_from_user+0xfc/0x150 [ 827.102135] ? __pfx_____sys_sendmsg+0x10/0x10 [ 827.102457] ? find_held_lock+0x2c/0x110 [ 827.102742] ? get_pid_task+0xec/0x250 [ 827.103028] ___sys_sendmsg+0x110/0x1b0 [ 827.103308] ? __pfx____sys_sendmsg+0x10/0x10 [ 827.103639] ? __fget_files+0x24e/0x480 [ 827.103919] ? __pfx_lock_release+0x10/0x10 [ 827.104252] ? lock_release+0x1e3/0x680 [ 827.104538] ? __fget_files+0x270/0x480 [ 827.104840] ? __fget_light+0xe5/0x280 [ 827.105133] __sys_sendmsg+0xf7/0x1d0 [ 827.105429] ? __pfx___sys_sendmsg+0x10/0x10 [ 827.105776] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 827.106165] ? syscall_enter_from_user_mode+0x21/0x50 [ 827.106553] do_syscall_64+0x3f/0x90 [ 827.106820] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 827.107197] RIP: 0033:0x7f1a6ffd1b19 [ 827.107470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 827.108722] RSP: 002b:00007f1a6d547188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 827.109237] RAX: ffffffffffffffda RBX: 00007f1a700e4f60 RCX: 00007f1a6ffd1b19 [ 827.109741] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 827.110239] RBP: 00007f1a6d5471d0 R08: 0000000000000000 R09: 0000000000000000 [ 827.110735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 827.111236] R13: 00007ffd0695353f R14: 00007f1a6d547300 R15: 0000000000022000 [ 827.111745] [ 827.136435] loop3: detected capacity change from 0 to 96 [ 827.142948] loop2: detected capacity change from 0 to 96 [ 827.147780] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 827.148378] FAT-fs (loop3): Filesystem has been set read-only [ 827.186216] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 827.187179] FAT-fs (loop2): Filesystem has been set read-only 19:25:57 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032510300000000", 0x5f, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:57 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r3, 0x5) readv(r3, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$PERF_EVENT_IOC_ID(r3, 0x80082407, &(0x7f0000000480)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x4}}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) fsmount(r4, 0x0, 0x0) write(r4, &(0x7f0000001140)="7f604a84810f06ffa43f7bb4b9337fd241506ff3d31cfc5445cfd40560bf0ffed5fa4343225817353176c5176c1bc3f929b9bd388d45ae88234c3d849114c55f96b57c769a673c82ec7fb9dcf48be2a01521ac39c44804b88dcc1f92b8d7181e72b53c56ae8fc9a1f8466ed0e87a1b4e2082e32d43f5ee21eb1ee54296ce903d3ef616963a237347b4801c90433f966fe4a816", 0x93) r5 = clone3(&(0x7f00000004c0)={0x800000, 0x0, &(0x7f0000000240)=0x0, 0x0, {}, &(0x7f0000000340)=""/148, 0x94, &(0x7f0000000440)=""/1, 0x0}, 0x58) r7 = openat(0xffffffffffffffff, 0x0, 0x1c5042, 0x54) clone3(&(0x7f0000000640)={0x400880000, &(0x7f0000000040), &(0x7f0000000180), &(0x7f00000001c0)=0x0, {0x22}, &(0x7f0000000540)=""/209, 0xd1, &(0x7f0000000200)=""/64, &(0x7f0000000300)=[r5, r6, r5, r6, r6, r6, r6, 0x0], 0x8, {r7}}, 0x58) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r7, 0xc0189375, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x1, 0x46, 0x5, 0x5, 0x0, 0x9, 0x40, 0x6, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7fffffff, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0xc2, 0xfffffffffffffffc, 0x4, 0x9, 0x8, 0x8, 0x2, 0x0, 0x8, 0x0, 0x5ed}, r8, 0x5, r9, 0x1) 19:25:57 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:57 executing program 6: shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000eff000/0x4000)=nil, 0xd000) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff3000/0x4000)=nil, 0x4000) shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000140)=""/237) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) finit_module(r0, 0x0, 0x0) r1 = openat2(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x1b}, 0x18) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ff8000/0x4000)=nil) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0xcf3caed3d8c7cb92) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0xff, 0x2, 0x0, 0xd, 0x0, 0x2, 0x100a, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, @perf_config_ext={0x67f5, 0x1}, 0x4000, 0x4000, 0x3, 0x5, 0x2e77, 0xaf7d, 0x36d9, 0x0, 0xfffffffa, 0x0, 0x7}, 0x0, 0x1, r1, 0x2) shmat(0x0, &(0x7f0000ff7000/0x8000)=nil, 0x1000) shmctl$SHM_STAT_ANY(r2, 0xf, &(0x7f0000000340)=""/95) shmctl$IPC_RMID(r2, 0x0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) openat2(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x1c8002, 0x22, 0x4}, 0x18) ioctl$SNAPSHOT_FREE(r3, 0x3305) r4 = shmget$private(0x0, 0x3000, 0x400, &(0x7f0000ff2000/0x3000)=nil) shmctl$IPC_RMID(r4, 0x0) 19:25:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 8) 19:25:57 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:57 executing program 5: r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)={0x68, r0, 0x400, 0x70bd26, 0x25dfdbff, {{}, {}, {0x4c, 0x18, {0x34, @media='udp\x00'}}}, ["", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r1 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r2 = epoll_create(0x4) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000380)) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) openat(r5, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) r6 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) r7 = fsmount(r6, 0x0, 0x0) r8 = openat(r7, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r8, 0x5) readv(r8, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) sendfile(r7, r8, &(0x7f0000001140)=0x80000000401, 0x7ff) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r5, 0x8010661b, &(0x7f0000000000)) dup2(r1, r2) 19:25:57 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0xb) [ 840.538266] random: crng reseeded on system resumption [ 840.542989] loop2: detected capacity change from 0 to 96 [ 840.552175] Restarting kernel threads ... done. [ 840.582927] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 840.583906] FAT-fs (loop2): Filesystem has been set read-only [ 840.589317] loop3: detected capacity change from 0 to 96 [ 840.595681] loop4: detected capacity change from 0 to 96 [ 840.598024] random: crng reseeded on system resumption [ 840.606783] FAULT_INJECTION: forcing a failure. [ 840.606783] name failslab, interval 1, probability 0, space 0, times 0 [ 840.608376] CPU: 1 PID: 6621 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1 [ 840.609431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 840.610477] Call Trace: [ 840.610827] [ 840.611136] dump_stack_lvl+0xc1/0xf0 [ 840.611665] should_fail_ex+0x4b4/0x5b0 [ 840.612239] should_failslab+0x9/0x20 [ 840.612759] __kmem_cache_alloc_node+0x5b/0x310 [ 840.613413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290 [ 840.614293] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290 [ 840.615168] __kmalloc+0x4a/0x160 [ 840.615665] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290 [ 840.616515] ? genl_cmd_full_to_split+0x371/0x660 [ 840.617202] genl_family_rcv_msg_doit.isra.0+0x9f/0x2e0 [ 840.617925] ? __pfx_genl_family_rcv_msg_doit.isra.0+0x10/0x10 [ 840.618725] ? cap_capable+0x1be/0x220 [ 840.619262] ? security_capable+0x99/0xc0 [ 840.619855] ? ns_capable+0xe4/0x120 [ 840.620388] genl_rcv_msg+0x503/0x7e0 [ 840.620947] ? __pfx_genl_rcv_msg+0x10/0x10 [ 840.621546] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 840.622184] ? __pfx_nl80211_connect+0x10/0x10 [ 840.622815] ? __pfx_nl80211_post_doit+0x10/0x10 [ 840.623471] ? lock_acquire+0x19a/0x4c0 [ 840.624036] ? __create_object+0x3ee/0xc90 [ 840.624628] netlink_rcv_skb+0x15d/0x450 [ 840.625215] ? __pfx_genl_rcv_msg+0x10/0x10 [ 840.625822] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 840.626457] ? lock_acquire+0x19a/0x4c0 [ 840.627064] genl_rcv+0x28/0x40 [ 840.627533] netlink_unicast+0x552/0x800 [ 840.628117] ? __pfx_netlink_unicast+0x10/0x10 [ 840.628751] ? __virt_addr_valid+0x102/0x340 [ 840.629384] netlink_sendmsg+0x923/0xe40 [ 840.629961] ? __pfx_netlink_sendmsg+0x10/0x10 [ 840.630615] ? __pfx_netlink_sendmsg+0x10/0x10 [ 840.631261] sock_sendmsg+0x1b6/0x200 [ 840.631791] ____sys_sendmsg+0x74e/0x980 [ 840.632353] ? copy_msghdr_from_user+0xfc/0x150 [ 840.633006] ? __pfx_____sys_sendmsg+0x10/0x10 [ 840.633644] ? find_held_lock+0x2c/0x110 [ 840.634204] ? get_pid_task+0xec/0x250 [ 840.634758] ___sys_sendmsg+0x110/0x1b0 [ 840.635324] ? __pfx____sys_sendmsg+0x10/0x10 [ 840.635947] ? __fget_files+0x24e/0x480 [ 840.636497] ? __pfx_lock_release+0x10/0x10 [ 840.637116] ? lock_release+0x1e3/0x680 [ 840.637688] ? __fget_files+0x270/0x480 [ 840.638244] ? __fget_light+0xe5/0x280 [ 840.638791] __sys_sendmsg+0xf7/0x1d0 [ 840.639338] ? __pfx___sys_sendmsg+0x10/0x10 [ 840.639986] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 840.640706] ? syscall_enter_from_user_mode+0x21/0x50 [ 840.641438] do_syscall_64+0x3f/0x90 [ 840.641958] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 840.642656] RIP: 0033:0x7f1a6ffd1b19 [ 840.643149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 840.645503] RSP: 002b:00007f1a6d547188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 840.646501] RAX: ffffffffffffffda RBX: 00007f1a700e4f60 RCX: 00007f1a6ffd1b19 [ 840.647448] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 840.648384] RBP: 00007f1a6d5471d0 R08: 0000000000000000 R09: 0000000000000000 [ 840.649337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 840.650271] R13: 00007ffd0695353f R14: 00007f1a6d547300 R15: 0000000000022000 [ 840.651231] 19:25:57 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:57 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:57 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x10) 19:25:57 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:57 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) syz_io_uring_setup(0x456c, &(0x7f0000000000)={0x0, 0x4461, 0x1, 0x2, 0x19c, 0x0, r0}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) dup2(r0, r1) 19:25:57 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000600)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="006900001c00000000000000010000000200000044c0bd2cad621ba1bfae9c33dc15c57e91fd4ea5fb84ca2f7e9e4b9c015d6b870726bb6966e1f449007139ca732d1c0a503b8c15906e6f2a1657f279bffcf706b410bec66102506aa100857fbc59e33e15eb91eea079eed9cc286223716de29c68c8acf515659f39bf7dd1c1cd7560bf9493d5a389f75707084db4b3be273208fa1abca9f19e6386f731dca4ac4afa7c7d2f6181c3a82ab280966303e7c4740cd0f691235eb059bfa4e447be35599b77bc03e067ed2eebda6bb58b12f173863eb2693181dc6a18edeef9cf35f8f9baf8a06354f38427b79246f668da62490dde5fa5711f4899af0db2195d3f889c659ad4ded2db7d0f93bedfd1935cd9edd43b41cc1fd1e1c695b416b4d837ad6d43d2c54a2c3c", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x0) perf_event_open(&(0x7f0000000380)={0x3, 0x80, 0x3, 0x40, 0x6, 0x7f, 0x0, 0x5, 0x80000, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_config_ext={0x52}, 0x44002, 0x6, 0x5, 0x6, 0x5, 0x8001, 0x1f, 0x0, 0x3, 0x0, 0x4}, r2, 0x2, 0xffffffffffffffff, 0xb) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r3, &(0x7f0000000200)='E', 0x140000) setresuid(0x0, 0x0, 0x0) getegid() ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000400)) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x7f, 0x5, 0x9, 0x1f, 0x0, 0xa4, 0x4008, 0x6, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0, 0x4}, 0x6a00, 0x8, 0x5, 0x0, 0x100, 0x2, 0x840, 0x0, 0x701, 0x0, 0x1}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x2) [ 840.806558] loop2: detected capacity change from 0 to 96 [ 840.839346] loop4: detected capacity change from 0 to 96 [ 840.843735] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 840.844673] FAT-fs (loop2): Filesystem has been set read-only [ 840.853530] loop3: detected capacity change from 0 to 96 19:25:57 executing program 6: writev(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f0000000540)="f749bafb8b39f4b9bdd161c2492c9772954292c75d88febde96ce2c9238d10d8d0a196662d09dfc8a638977a576b72dc76e0f496255670fa243c2d4bb674a1319ab5760e0466bbd32a03ae3802f6d1f95944521cf76f782c3137a4d022f4986240a60cc7f1d98f7bc3654c3e2465bc14f01b079acd5b6889057f5deaf0affa467c7605881daff535364db13b183e885e2b5a9cd3e5e936b4614ef83155d7168ee989f067a08615313ea24315227184b0c1313686ad794488adf3f2ea80b876fbcc069e346c9f483c526359cf465a225ba25f7893aaf996b937d57b9c7d0da8f29a6f00387a55afeca7d19fed28d2985c89f93d6b1e0688752642096929cd76cdd28bcaddbd031efaa032c60973ae195aea48cc3c8e8d118e17eb68abec5bfb7e25d96b533c98c06fcc1888981c9fbb89ee80ac15f21d346777ebc7239e441d4e6484a795c3b4bd19995377364c4b6b0282b414cd6a4135c8b0675847e2ade3bb1353a455911b9bf4510e3b21315f76ad5091fa43bb736b0abce893fc21d40399fe63a9f5c62e1682059c9203b487f1ba25975db56aa28bf56423a943666c80758e1712cf94a8ad9c7bb653057758698310b1a687aff8c4dbff71e57917245ed4b4ca74e582da7e71d7407cc77421e134087cd98eda7f829bf0715016e0b6fbf601e0143963bd73980b93ed3c1ef13ef17518a6ec6752ca106e3e6fa2ad81d2d96f13433dcd6e17ceb3995147e1b74b5dc76350ee416b9c8ca1be34ce60cccff41acfa3055b426f76710c07189f745079eec7c9603ef1a0666de705dfa9bf19c4421a563dc4463e3d5fac08eb5a5854adef9cad3d01cd27b0536eb25199b27f624b3cb0a0075efaf299112aa174791f79fea61a01de8fd9846133d85eae4137474fe7f8274d9b3c12425362ea6894b1797af2f9cf4c37283bbf33e7487755b88b6f9ca5611c2675b5f8125cac393865da", 0x2b0}], 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="a4020000", @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="8502330050000000080211000001080211000000505050505050"], 0x2a4}}, 0x0) r4 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r7, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="e200330008"], 0x100}}, 0x0) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r4, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x30, r7, 0x200, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x3}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x22a}]]}, 0x30}, 0x1, 0x0, 0x0, 0x2}, 0x40040) 19:25:57 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) sync_file_range(r1, 0x4, 0x10000, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:25:57 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8000, &(0x7f0000000040)=0x1, 0x9, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8003, &(0x7f0000000000)=0x7, 0x7ff, 0x1) 19:25:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 9) 19:25:57 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:25:57 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 841.017086] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 841.033968] loop4: detected capacity change from 0 to 96 19:26:09 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:09 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7", 0x57, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:09 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x8, 0x0, 0x0, 0x6dc8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000800)="84", 0x8ec0}], 0xc0, &(0x7f0000000600)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="006900001c00000000000000010000000200000044c0bd2cad621ba1bfae9c33dc15c57e91fd4ea5fb84ca2f7e9e4b9c015d6b870726bb6966e1f449007139ca732d1c0a503b8c15906e6f2a1657f279bffcf706b410bec66102506aa100857fbc59e33e15eb91eea079eed9cc286223716de29c68c8acf515659f39bf7dd1c1cd7560bf9493d5a389f75707084db4b3be273208fa1abca9f19e6386f731dca4ac4afa7c7d2f6181c3a82ab280966303e7c4740cd0f691235eb059bfa4e447be35599b77bc03e067ed2eebda6bb58b12f173863eb2693181dc6a18edeef9cf35f8f9baf8a06354f38427b79246f668da62490dde5fa5711f4899af0db2195d3f889c659ad4ded2db7d0f93bedfd1935cd9edd43b41cc1fd1e1c695b416b4d837ad6d43d2c54a2c3c", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x0) perf_event_open(&(0x7f0000000380)={0x3, 0x80, 0x3, 0x40, 0x6, 0x7f, 0x0, 0x5, 0x80000, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_config_ext={0x52}, 0x44002, 0x6, 0x5, 0x6, 0x5, 0x8001, 0x1f, 0x0, 0x3, 0x0, 0x4}, r2, 0x2, 0xffffffffffffffff, 0xb) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r3, &(0x7f0000000200)='E', 0x140000) setresuid(0x0, 0x0, 0x0) getegid() ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000400)) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x7f, 0x5, 0x9, 0x1f, 0x0, 0xa4, 0x4008, 0x6, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0, 0x4}, 0x6a00, 0x8, 0x5, 0x0, 0x100, 0x2, 0x840, 0x0, 0x701, 0x0, 0x1}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x2) 19:26:09 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x2000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:26:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:09 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="756948437f2f122204dd46a5800dc5206d388239fbcde89df58ae8c5fc55f47f0d420c94b1164ed2d8b2f87df5c054c735f92de7ea8d1da26ef449d826d161a13ce6", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) 19:26:09 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000000)) 19:26:09 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 10) [ 852.818892] loop4: detected capacity change from 0 to 96 [ 852.827272] loop2: detected capacity change from 0 to 96 [ 852.840590] loop3: detected capacity change from 0 to 96 [ 852.849212] FAT-fs (loop2): invalid media value (0x00) [ 852.849905] FAT-fs (loop2): Can't find a valid FAT filesystem [ 852.855098] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 852.860558] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 852.861659] FAT-fs (loop3): Filesystem has been set read-only [ 852.865777] FAULT_INJECTION: forcing a failure. [ 852.865777] name failslab, interval 1, probability 0, space 0, times 0 [ 852.868228] CPU: 1 PID: 6683 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1 [ 852.869233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 852.870211] Call Trace: [ 852.870533] [ 852.870822] dump_stack_lvl+0xc1/0xf0 [ 852.871314] should_fail_ex+0x4b4/0x5b0 [ 852.871854] ? __alloc_skb+0x28c/0x330 [ 852.872354] should_failslab+0x9/0x20 [ 852.872834] kmem_cache_alloc_node+0x5d/0x3a0 [ 852.873423] ? __pfx_nl80211_post_doit+0x10/0x10 [ 852.874031] __alloc_skb+0x28c/0x330 [ 852.874513] ? __pfx___alloc_skb+0x10/0x10 [ 852.875059] ? ns_capable+0xe4/0x120 [ 852.875552] netlink_ack+0x35e/0x1370 [ 852.876074] ? __pfx_genl_rcv_msg+0x10/0x10 [ 852.876635] ? __pfx_netlink_ack+0x10/0x10 [ 852.877191] ? lock_acquire+0x19a/0x4c0 [ 852.877705] ? __create_object+0x3ee/0xc90 [ 852.878244] netlink_rcv_skb+0x35a/0x450 [ 852.878768] ? __pfx_genl_rcv_msg+0x10/0x10 [ 852.879326] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 852.879904] ? lock_acquire+0x19a/0x4c0 [ 852.880453] genl_rcv+0x28/0x40 [ 852.880890] netlink_unicast+0x552/0x800 [ 852.881420] ? __pfx_netlink_unicast+0x10/0x10 [ 852.881996] ? __virt_addr_valid+0x102/0x340 [ 852.882578] netlink_sendmsg+0x923/0xe40 [ 852.883103] ? __pfx_netlink_sendmsg+0x10/0x10 [ 852.883704] ? __pfx_netlink_sendmsg+0x10/0x10 [ 852.884286] sock_sendmsg+0x1b6/0x200 [ 852.884767] ____sys_sendmsg+0x74e/0x980 [ 852.885298] ? copy_msghdr_from_user+0xfc/0x150 [ 852.885909] ? __pfx_____sys_sendmsg+0x10/0x10 [ 852.886490] ? find_held_lock+0x2c/0x110 [ 852.886999] ? get_pid_task+0xec/0x250 [ 852.887510] ___sys_sendmsg+0x110/0x1b0 [ 852.888029] ? __pfx____sys_sendmsg+0x10/0x10 [ 852.888602] ? __fget_files+0x24e/0x480 [ 852.889145] ? __pfx_lock_release+0x10/0x10 [ 852.889704] ? lock_release+0x1e3/0x680 [ 852.890227] ? __fget_files+0x270/0x480 [ 852.890740] ? __fget_light+0xe5/0x280 [ 852.891250] __sys_sendmsg+0xf7/0x1d0 [ 852.891745] ? __pfx___sys_sendmsg+0x10/0x10 [ 852.892346] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 852.892997] ? syscall_enter_from_user_mode+0x21/0x50 [ 852.893675] do_syscall_64+0x3f/0x90 [ 852.894144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 852.894794] RIP: 0033:0x7f1a6ffd1b19 [ 852.895252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 852.897377] RSP: 002b:00007f1a6d547188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 852.898282] RAX: ffffffffffffffda RBX: 00007f1a700e4f60 RCX: 00007f1a6ffd1b19 [ 852.899131] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 852.899972] RBP: 00007f1a6d5471d0 R08: 0000000000000000 R09: 0000000000000000 [ 852.900817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 852.901680] R13: 00007ffd0695353f R14: 00007f1a6d547300 R15: 0000000000022000 [ 852.902560] 19:26:09 executing program 7: ioctl$BTRFS_IOC_QGROUP_LIMIT(0xffffffffffffffff, 0x8030942b, &(0x7f0000000000)={0x6000, {0xa, 0x80000001, 0x7, 0x7, 0x7}}) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:26:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:09 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:09 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) r3 = openat$cgroup_freezer_state(r2, &(0x7f0000000000), 0x2, 0x0) ioctl$TIOCGWINSZ(r2, 0x5413, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000040)={0x1000200c}) dup2(r0, r1) 19:26:09 executing program 6: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000000)) 19:26:09 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7", 0x57, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 853.023815] loop2: detected capacity change from 0 to 96 [ 853.035565] FAT-fs (loop2): invalid media value (0x00) [ 853.036293] FAT-fs (loop2): Can't find a valid FAT filesystem [ 853.077559] loop4: detected capacity change from 0 to 96 [ 853.083786] loop3: detected capacity change from 0 to 96 [ 853.104804] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 853.105832] FAT-fs (loop3): Filesystem has been set read-only 19:26:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 853.206451] loop2: detected capacity change from 0 to 96 19:26:22 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 11) 19:26:22 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)) r2 = epoll_create(0x4) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) r4 = dup2(r0, r2) syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/ahci', 0x40840, 0x130) io_uring_register$IORING_REGISTER_PROBE(r7, 0x8, &(0x7f00000002c0)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}]}, 0x3) syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x4, 0x0}, 0x0) syz_io_uring_submit(r1, r6, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x3, 0x0, @fd_index, 0x0, 0x0, 0x8, 0x2, 0x0, {0x0, 0x0, r4}}, 0x7) 19:26:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:22 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:22 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7", 0x57, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:22 executing program 7: shmat(0x0, &(0x7f0000ffa000/0x4000)=nil, 0x7000) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x4000)=nil, 0x0) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000000)=""/22) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='comm\x00') setresuid(0x0, r2, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000040), 0x6e, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/134, 0x86}, {&(0x7f0000000180)=""/253, 0xfd}, {&(0x7f0000000280)=""/10, 0xa}, {&(0x7f0000000380)=""/140, 0x8c}, {&(0x7f00000002c0)}, {&(0x7f0000000440)=""/62, 0x3e}, {&(0x7f0000000480)=""/242, 0xf2}], 0x7, &(0x7f0000000600)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x20}, 0x22) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000680)={0x0}, &(0x7f00000006c0)=0xc) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000700)={{0x1, 0xee01, 0x0, r2, r3, 0x100, 0x2}, 0x3, 0x0, 0x56, 0x8, 0xffffffffffffffff, r4, 0x1}) shmat(r0, &(0x7f0000ffe000/0x1000)=nil, 0x2000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:26:22 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x101042, 0xa0) r1 = openat$incfs(r0, &(0x7f0000000040)='.pending_reads\x00', 0x100, 0x8) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) fsmount(r2, 0x0, 0x0) sendfile(r1, r2, &(0x7f0000000080), 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1) 19:26:22 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 865.643854] loop6: detected capacity change from 0 to 96 [ 865.674216] loop3: detected capacity change from 0 to 96 [ 865.681114] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 865.695714] loop4: detected capacity change from 0 to 96 [ 865.714940] loop2: detected capacity change from 0 to 96 [ 865.719856] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 865.720831] FAT-fs (loop3): Filesystem has been set read-only 19:26:22 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 12) 19:26:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:22 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8000000}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) r6 = openat(r5, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r6, 0x5) readv(r6, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r6, &(0x7f00000000c0)={0x20000002}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f0000000040)={0x8000, 0x30, [0x3f, 0x4, 0x6, 0xfffffffffffffff8], &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) dup2(r0, r1) 19:26:22 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:22 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:22 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x13, 0xffffffffffffffff, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x9, 0x4, 0x0, 0xfd, 0x0, 0x2, 0x2020, 0x6, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0x4, @perf_config_ext={0x58, 0x2}, 0x310, 0xdb, 0x5, 0x8, 0x80, 0xff, 0x7, 0x0, 0x912, 0x0, 0x400}, 0x0, 0xe, r1, 0x1) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fchown(r2, 0xffffffffffffffff, 0x0) r3 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r6, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000004, 0x40010, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6, 0x8010, r3, 0x10000000) syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) fgetxattr(r6, &(0x7f0000000200)=@known='trusted.overlay.opaque\x00', &(0x7f0000000240)=""/56, 0x38) socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x3b90, 0x8, 0x3}, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 19:26:22 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 865.883517] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 865.897139] loop6: detected capacity change from 0 to 96 [ 865.933492] loop3: detected capacity change from 0 to 96 19:26:22 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) [ 865.946724] loop2: detected capacity change from 0 to 96 [ 865.949964] loop4: detected capacity change from 0 to 96 [ 865.967469] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 865.968368] FAT-fs (loop3): Filesystem has been set read-only 19:26:34 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:34 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x13, 0xffffffffffffffff, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x9, 0x4, 0x0, 0xfd, 0x0, 0x2, 0x2020, 0x6, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0x4, @perf_config_ext={0x58, 0x2}, 0x310, 0xdb, 0x5, 0x8, 0x80, 0xff, 0x7, 0x0, 0x912, 0x0, 0x400}, 0x0, 0xe, r1, 0x1) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fchown(r2, 0xffffffffffffffff, 0x0) r3 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r6, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000004, 0x40010, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6, 0x8010, r3, 0x10000000) syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) fgetxattr(r6, &(0x7f0000000200)=@known='trusted.overlay.opaque\x00', &(0x7f0000000240)=""/56, 0x38) socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0x3b90, 0x8, 0x3}, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 19:26:34 executing program 7: sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000090}, 0x40000) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x7000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x2, 0x3) [ 877.670109] loop2: detected capacity change from 0 to 96 [ 877.678763] loop6: detected capacity change from 0 to 96 [ 877.680102] loop3: detected capacity change from 0 to 96 [ 877.683198] loop4: detected capacity change from 0 to 96 [ 877.686593] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:26:34 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:34 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:34 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r3, 0x3309) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:26:34 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:34 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 13) [ 877.697908] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 877.698452] FAT-fs (loop3): Filesystem has been set read-only 19:26:34 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) (fail_nth: 14) 19:26:34 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:34 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:34 executing program 6: openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 877.783887] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 877.785211] FAULT_INJECTION: forcing a failure. [ 877.785211] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 877.786583] CPU: 1 PID: 6782 Comm: syz-executor.1 Not tainted 6.3.0-rc3-next-20230327 #1 [ 877.787490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 877.788392] Call Trace: [ 877.788700] [ 877.788974] dump_stack_lvl+0xc1/0xf0 [ 877.789441] should_fail_ex+0x4b4/0x5b0 [ 877.789932] _copy_to_user+0x2e/0x150 [ 877.790389] simple_read_from_buffer+0xd0/0x170 [ 877.790951] proc_fail_nth_read+0x19c/0x230 [ 877.791456] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 877.792016] ? security_file_permission+0xb5/0xe0 [ 877.792589] vfs_read+0x260/0x940 [ 877.793019] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 877.793592] ? __pfx_vfs_read+0x10/0x10 [ 877.794066] ? __fget_light+0xe5/0x280 [ 877.794542] ? __fget_files+0x270/0x480 [ 877.795038] ksys_read+0x12b/0x260 [ 877.795487] ? __pfx_ksys_read+0x10/0x10 [ 877.795985] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 877.796637] do_syscall_64+0x3f/0x90 [ 877.797088] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 877.797709] RIP: 0033:0x7f1a6ff8469c [ 877.798149] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 877.800137] RSP: 002b:00007f1a6d547170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 877.801006] RAX: ffffffffffffffda RBX: 000000000000003c RCX: 00007f1a6ff8469c [ 877.801815] RDX: 000000000000000f RSI: 00007f1a6d5471e0 RDI: 0000000000000004 [ 877.802611] RBP: 00007f1a6d5471d0 R08: 0000000000000000 R09: 0000000000000000 [ 877.803405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 877.804210] R13: 00007ffd0695353f R14: 00007f1a6d547300 R15: 0000000000022000 [ 877.805043] 19:26:34 executing program 5: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r2, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r3 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r4 = epoll_create(0x4) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000140)) dup2(r3, r4) 19:26:34 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:34 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffd000/0x3000)=nil) [ 877.842127] loop4: detected capacity change from 0 to 96 [ 877.872677] loop2: detected capacity change from 0 to 96 [ 877.881947] loop3: detected capacity change from 0 to 96 [ 877.902113] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 877.903079] FAT-fs (loop3): Filesystem has been set read-only 19:26:34 executing program 6: openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:34 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 878.043035] loop4: detected capacity change from 0 to 96 19:26:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:26:47 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) 19:26:47 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:47 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:47 executing program 6: openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:47 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:26:47 executing program 7: r0 = fsmount(0xffffffffffffffff, 0x1, 0x1) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0xdf, 0x7f, 0x7f, 0x81, 0x0, 0x7, 0x800, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000180), 0x1}, 0x10, 0x3, 0x902, 0x6, 0x4, 0xffffffff, 0x7, 0x0, 0x5, 0x0, 0x1400000000000000}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x804, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c77f3b1a25302", @ANYRESHEX, @ANYBLOB=',privport,posixacl,cache=none,cache=mmap,defcontext=unconfined_u,obj_role=$/[@*]\\(,fsuuid=51b633br-5867-bab3-31c7-4a97b4b7,rootcontext=root,uid<', @ANYRESDEC=r1, @ANYBLOB=',subj_role=&+,\x00']) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000300)=0x2, 0x7, 0x6) [ 891.298679] loop2: detected capacity change from 0 to 96 19:26:47 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 891.309795] loop4: detected capacity change from 0 to 96 [ 891.316338] loop3: detected capacity change from 0 to 96 [ 891.323035] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 891.323532] FAT-fs (loop3): Filesystem has been set read-only [ 891.327128] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 891.340791] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 891.341798] FAT-fs (loop4): Filesystem has been set read-only 19:26:47 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:47 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) 19:26:47 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:26:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 891.413301] loop2: detected capacity change from 0 to 96 [ 891.420139] loop6: detected capacity change from 0 to 96 19:26:47 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 891.476826] loop4: detected capacity change from 0 to 96 [ 891.480964] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 891.494217] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 891.495261] FAT-fs (loop4): Filesystem has been set read-only [ 904.036837] loop4: detected capacity change from 0 to 96 19:27:00 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:00 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:00 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x3}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)=0x0) r2 = epoll_create(0x4) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x13, r4, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r5, 0x0, &(0x7f0000000000), 0x0, 0x4) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r1, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1, r6}}, 0xfffffffb) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) dup2(r0, r2) 19:27:00 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:00 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) 19:27:00 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:00 executing program 7: shmat(0xffffffffffffffff, &(0x7f0000ffb000/0x2000)=nil, 0x1000) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ff7000/0x3000)=nil) shmctl$IPC_RMID(r0, 0x0) mremap(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil) mremap(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r2, 0xb) shmat(r2, &(0x7f0000ff9000/0x1000)=nil, 0x1000) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r1, 0x0) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(0x0, 0x0) syz_io_uring_setup(0x25e8, &(0x7f0000000000)={0x0, 0xf840, 0x2, 0x0, 0x2fa}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x1) sigaltstack(&(0x7f0000ff6000/0x8000)=nil, 0x0) 19:27:00 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x2, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 904.062508] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 904.063036] FAT-fs (loop4): Filesystem has been set read-only [ 904.076173] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:27:00 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 904.086698] loop3: detected capacity change from 0 to 96 [ 904.092299] loop2: detected capacity change from 0 to 96 [ 904.103364] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 904.103868] FAT-fs (loop3): Filesystem has been set read-only [ 904.106766] loop6: detected capacity change from 0 to 96 19:27:00 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x3, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 904.148404] loop4: detected capacity change from 0 to 96 19:27:00 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:00 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 904.157417] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 904.157986] FAT-fs (loop4): Filesystem has been set read-only [ 904.175967] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:27:00 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:00 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x4, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:27:00 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 904.211055] loop4: detected capacity change from 0 to 96 [ 904.225588] loop3: detected capacity change from 0 to 96 19:27:00 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$IPC_RMID(r2, 0x0) 19:27:00 executing program 5: r0 = getpgrp(0xffffffffffffffff) setpriority(0x1, r0, 0x0) r1 = syz_io_uring_setup(0x650f, &(0x7f0000000000)={0x0, 0x0, 0x20, 0x0, 0x130c}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r2 = epoll_create(0x4) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) dup2(r1, r2) [ 904.242393] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 904.242857] FAT-fs (loop4): Filesystem has been set read-only [ 904.255996] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 904.256472] FAT-fs (loop3): Filesystem has been set read-only [ 904.259331] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 904.266350] loop2: detected capacity change from 0 to 96 [ 904.282990] loop6: detected capacity change from 0 to 96 19:27:00 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:00 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 904.332632] loop4: detected capacity change from 0 to 96 [ 904.336726] loop3: detected capacity change from 0 to 96 [ 904.343400] FAT-fs (loop3): invalid media value (0x00) [ 904.343810] FAT-fs (loop3): Can't find a valid FAT filesystem [ 904.346049] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 904.346563] FAT-fs (loop4): Filesystem has been set read-only 19:27:13 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:13 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:13 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:13 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:13 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x5, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:27:13 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$IPC_RMID(r2, 0x0) 19:27:13 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r7 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r7, 0x5000943f, &(0x7f0000000500)={{}, r8, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) r10 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001680)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_BALANCE_V2(r10, 0xc4009420, &(0x7f0000000900)={0x4, 0x4, {0x8000000000000, @usage=0x400, 0x0, 0xf5, 0x80d, 0x4, 0x855, 0x7f, 0x20, @struct={0xc421, 0x9}, 0x6, 0xff, [0x8, 0x4, 0x4, 0x809, 0xe70d, 0x7e10c57]}, {0x8, @struct={0x1f, 0x8}, 0x0, 0x401, 0x9, 0x4, 0xe24000000, 0x8, 0x411, @struct={0x6, 0x2}, 0xd89, 0x1, [0x0, 0x4, 0x8, 0x1f, 0x3, 0x81]}, {0x7, @usage=0x80000000, r11, 0x8, 0x3, 0x7ff, 0x7fff, 0xffffffffffffff44, 0x8, @struct={0x1, 0x80000001}, 0x3, 0x40, [0xac9c, 0x4, 0xfffffffffffffffc, 0xffff, 0xfffffffffffff001, 0x9]}, {0x10000, 0x6, 0x1}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000140)={{r6}, r8, 0x0, @inherit={0x50, &(0x7f00000015c0)=ANY=[@ANYBLOB="010000000000000001000000000000000100010000000000090000000000000012000000000000000900000000000000010000000000d21a3ebf097476480000070000000000000007000000000000000100000000000000", @ANYBLOB="586292c4d715b7767b8b246cebbc94016b8830195ae443585a16f6b12dbd3d1540e6b5b5b9a9c169dcd501b276c2ee1475664fbb6336cc7bfb53b826", @ANYRES32=r9]}, @devid=r11}) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000280)={{r4}, 0x0, 0x10, @inherit={0x50, &(0x7f0000000040)={0x0, 0x1, 0xfff, 0x0, {0x22, 0x1, 0x4847, 0x200, 0x3}, [0x14eb]}}, @devid=r11}) dup2(r0, r1) 19:27:13 executing program 7: shmget$private(0x0, 0x1000, 0x78001ac9, &(0x7f0000ffe000/0x1000)=nil) r0 = shmget(0x0, 0x3000, 0x78000000, &(0x7f0000ffb000/0x3000)=nil) shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x6000) r1 = pkey_alloc(0x0, 0x3) pkey_free(0xffffffffffffffff) pkey_free(r1) pkey_mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000001, r1) shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x4000) r2 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, r2) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8000, 0x0, 0x80, 0x5) pkey_free(r1) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0x782, 0x5, 0x5) mlock2(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1) shmget$private(0x0, 0x4000, 0x1, &(0x7f0000ffc000/0x4000)=nil) shmat(0xffffffffffffffff, &(0x7f0000ffd000/0x1000)=nil, 0x7000) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0xeac18423ec13e4b, 0x10, 0xffffffffffffffff, 0xa3db5000) r3 = shmget(0x1, 0x1000, 0x78000000, &(0x7f0000ffd000/0x1000)=nil) shmat(r3, &(0x7f0000ffb000/0x1000)=nil, 0x4000) [ 917.189972] loop2: detected capacity change from 0 to 96 [ 917.199527] loop4: detected capacity change from 0 to 96 [ 917.209069] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 917.209562] FAT-fs (loop4): Filesystem has been set read-only 19:27:13 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 917.239897] loop3: detected capacity change from 0 to 96 19:27:13 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 917.243361] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 917.252904] FAT-fs (loop3): invalid media value (0x00) [ 917.253484] FAT-fs (loop3): Can't find a valid FAT filesystem [ 917.264581] loop6: detected capacity change from 0 to 96 19:27:13 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$IPC_RMID(r2, 0x0) [ 917.305697] loop2: detected capacity change from 0 to 96 [ 917.326826] loop4: detected capacity change from 0 to 96 [ 917.339197] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 917.339666] FAT-fs (loop4): Filesystem has been set read-only 19:27:24 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) 19:27:24 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000000040)=0x5, 0x400, 0x4) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x1ff, 0xff, 0x5) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000080)=""/56) 19:27:24 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000140)) dup2(r0, 0xffffffffffffffff) r2 = io_uring_setup(0x5c10, &(0x7f0000000000)={0x0, 0x66dc, 0x20, 0x3, 0x3a6}) copy_file_range(r2, &(0x7f0000000080)=0x5, r0, &(0x7f00000000c0)=0x8, 0x6, 0x0) [ 928.369899] loop2: detected capacity change from 0 to 96 [ 928.394709] loop3: detected capacity change from 0 to 96 19:27:24 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:24 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x6, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:27:24 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:24 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:24 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 928.401376] FAT-fs (loop3): invalid media value (0x00) [ 928.401836] FAT-fs (loop3): Can't find a valid FAT filesystem [ 928.410612] loop6: detected capacity change from 0 to 96 19:27:24 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x3000, 0x800, &(0x7f0000ffd000/0x3000)=nil) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x3000) 19:27:24 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(0x0, 0x0) [ 928.428323] loop4: detected capacity change from 0 to 96 [ 928.434821] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 928.453893] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 928.454925] FAT-fs (loop4): Filesystem has been set read-only 19:27:25 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:25 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:25 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:25 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x2}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x10802, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) r4 = epoll_create(0x4) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000140)) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd_index=0x2, 0xffe, 0x0, 0x15c, 0x2, 0x1, {0x0, r6}}, 0x95) dup2(r0, r4) 19:27:25 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:25 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x7, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 928.528569] loop3: detected capacity change from 0 to 96 [ 928.536649] loop6: detected capacity change from 0 to 96 19:27:25 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(0x0, 0x0) [ 928.570565] loop2: detected capacity change from 0 to 96 19:27:25 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 928.592223] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:27:25 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, &(0x7f0000000000)=0x401, 0x5, 0x4) [ 928.626596] loop4: detected capacity change from 0 to 96 19:27:25 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r5, 0x5) readv(r5, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000000)={0x1}) [ 928.657468] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 928.658421] FAT-fs (loop4): Filesystem has been set read-only 19:27:37 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(0x0, 0x0) 19:27:37 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:37 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:37 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmget(0x3, 0x2000, 0x80, &(0x7f0000ffc000/0x2000)=nil) shmat(0xffffffffffffffff, &(0x7f0000ff8000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x2000, 0x91e576ea15de0e5a, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x60}, 0x0, 0x2000000, 0x1ffffffffffe, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x8000, 0x0, 0x0, 0x1) r1 = shmget$private(0x0, 0x2000, 0x40, &(0x7f0000ffc000/0x2000)=nil) shmat(r1, &(0x7f0000ff9000/0x4000)=nil, 0x5000) 19:27:37 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x8, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 940.584982] loop2: detected capacity change from 0 to 96 19:27:37 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:37 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:37 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000040)={0x1e9, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) dup2(r0, r1) fcntl$setflags(r4, 0x2, 0x1) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/psmouse', 0x600, 0x100) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r5, 0x8010671f, &(0x7f00000004c0)={&(0x7f0000000400)=""/155, 0x9b}) [ 940.589110] loop3: detected capacity change from 0 to 96 19:27:37 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) [ 940.618269] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 940.622653] loop4: detected capacity change from 0 to 96 [ 940.633212] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 940.633812] FAT-fs (loop4): Filesystem has been set read-only [ 940.638357] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 940.639379] FAT-fs (loop2): Filesystem has been set read-only 19:27:37 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x9, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 940.731911] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:27:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xa, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:27:50 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) 19:27:50 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x1000, 0x200, &(0x7f0000ffb000/0x1000)=nil) shmctl$IPC_RMID(r0, 0x0) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r1, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0xa) 19:27:50 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 953.742902] loop4: detected capacity change from 0 to 96 [ 953.745325] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 953.754696] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 953.755766] FAT-fs (loop4): Filesystem has been set read-only 19:27:50 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:50 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:50 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:50 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x151}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)) r2 = epoll_create(0x4) r3 = mmap$IORING_OFF_SQES(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x1000005, 0x50, r0, 0x10000000) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xfd) r5 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x0) r7 = openat(r6, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r7, 0x5) readv(r7, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) io_uring_enter(r7, 0x550f, 0xda5f, 0x0, &(0x7f00000002c0)={[0x1]}, 0x8) r8 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) r9 = fsmount(r8, 0x0, 0x0) openat(r9, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) syz_io_uring_setup(0x4e35, &(0x7f0000000040)={0x0, 0x189, 0x0, 0x1, 0xd4, 0x0, r9}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) syz_io_uring_submit(r1, r3, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1, r4}}, 0x0) r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r10, &(0x7f0000000140)) [ 953.795882] loop2: detected capacity change from 0 to 96 [ 953.800790] loop3: detected capacity change from 0 to 96 [ 953.804387] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 953.805240] FAT-fs (loop2): Filesystem has been set read-only 19:27:50 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:27:50 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:50 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) 19:27:50 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 953.942891] loop2: detected capacity change from 0 to 96 19:27:50 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 953.969572] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 953.980730] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 953.981662] FAT-fs (loop2): Filesystem has been set read-only [ 953.983332] loop4: detected capacity change from 0 to 96 [ 953.991804] FAT-fs (loop4): invalid media value (0x00) [ 953.992528] FAT-fs (loop4): Can't find a valid FAT filesystem 19:27:50 executing program 7: shmat(0xffffffffffffffff, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x15) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0x0, 0xfff, 0xffffffffffffffff, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x2000) [ 954.050859] loop6: detected capacity change from 0 to 24 [ 954.055362] loop3: detected capacity change from 0 to 96 19:27:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x48, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:27:50 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:27:50 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) 19:27:50 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 954.144092] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 954.184244] loop2: detected capacity change from 0 to 96 [ 954.197631] loop4: detected capacity change from 0 to 96 [ 954.206197] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 954.207085] FAT-fs (loop2): Filesystem has been set read-only [ 954.209464] FAT-fs (loop4): invalid media value (0x00) [ 954.210255] FAT-fs (loop4): Can't find a valid FAT filesystem 19:28:04 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:04 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:28:04 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:04 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x4, 0x0}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3, r5}}, 0x1) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000000140)) dup2(r0, 0xffffffffffffffff) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x402, 0x0) r8 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x13, r9, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r10, 0x0, &(0x7f0000000000), 0x0, 0x4) syz_io_uring_submit(r10, r2, &(0x7f0000001180)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r5}}, 0x20) fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) r11 = fsmount(r8, 0x0, 0x0) r12 = openat(r11, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r12, 0x5) readv(r12, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) renameat(r7, &(0x7f00000002c0)='./file0\x00', r12, &(0x7f0000000300)='./file0\x00') 19:28:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x4c, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 968.026862] loop3: detected capacity change from 0 to 96 [ 968.027832] loop6: detected capacity change from 0 to 8 19:28:04 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:04 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:04 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r1, 0x0) [ 968.030263] loop4: detected capacity change from 0 to 96 [ 968.035582] FAT-fs (loop6): Directory bread(block 3) failed [ 968.037034] FAT-fs (loop4): invalid media value (0x00) [ 968.037417] FAT-fs (loop4): Can't find a valid FAT filesystem [ 968.040582] FAT-fs (loop6): Directory bread(block 3) failed [ 968.073214] loop2: detected capacity change from 0 to 96 [ 968.076990] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:28:04 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 968.085614] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 968.086212] FAT-fs (loop2): Filesystem has been set read-only 19:28:04 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:04 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r1, 0x0) 19:28:04 executing program 7: ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, &(0x7f0000000000)=""/124) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140)='system_u:object_r:login_exec_t:s0\x00', 0x22, 0x1) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mincore(&(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000080)=""/95) 19:28:04 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 968.151292] loop4: detected capacity change from 0 to 96 19:28:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x68, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:28:04 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 968.176169] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 968.176716] FAT-fs (loop4): Filesystem has been set read-only 19:28:04 executing program 5: listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/10, 0xa) r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) r3 = io_uring_setup(0x277e, &(0x7f0000000080)={0x0, 0x2327, 0x0, 0x3, 0x1de}) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) writev(0xffffffffffffffff, &(0x7f0000000680)=[{&(0x7f00000002c0)="de3c5385bbd6a72836dd449e108924a79e6c54410670eeb79dac3c4daac8ef2e043d46758fa78dd53ca826e9633570800ff507d9217cc5ec94d5cdb21f265a4bb2797a547692b83f302198f44679e1ca1dacfce804504e04791b9f731dbaaa9819de2177a3dd36d0af9484cd765008953fe5aa8dbe51866a011b003ae6c2a8a774ca8680c746307111d71d4402fbb8607ae11c52db9bf299cf18d8b0ed3c78bcce6ab4f0c9db266b24e79eb152965c5c3917f5ee077eb516d1599564e81104f36aabebad", 0xc4}, {&(0x7f0000000100)="bffbbb9cc0a4fdc02ce2b9e1f8", 0xd}, {&(0x7f00000003c0)="0d06a0c1fc91f767e69c53c5dfc016c4", 0x10}, {&(0x7f0000000400)="c1df85db37fda2b847cdc56a581b99ba245ab2dadefe84fc47eccb35df2a5e420055989bdb3e04dabbba3c132c0634984ad3332945e7e797206e87f170e7c15f12090b5b51b52721405cfd42ca9a145b0ccc75090cf61bb278d39d6d4c2afb925d878280c541c480b9a98964a8eca08fda3778cf97d2a935b0950ff25cd8ac0b4668d4ce4c547a501dcd333a484f74f1942f477c8466a6098d2dfc61e28db071ea79d4aedd2e18cacc331bbb6dce6247ef405b9a3c25729fc9b9f933064bc70106c931fad9aaad3ad4f9e156da131ce9", 0xd0}, {&(0x7f0000000500)="f61275a97cbae0246b35cbc97cec2025a0c1f84aaea392f086401bf823de6c7b91b282c013333f62dfba79e5b05baaf09732d4b28e7c6580a6940e2bb37ff58e362f4afc157b8a9337c7590f7fa4131dbd85dd9024a33578b53b181fa98af048fc966037cb00fbf0ba55c1e14d67758ad7ea89f3f82d766c7dab0a473626309faa189efbe107b2cef911b21ecb87ffe042c4532f733446d2a5c9", 0x9a}, {&(0x7f00000005c0)="866ed1b045a37d1805757f318cdfcae42eebc19c76353ffd76b706feaaf984e859f131c4fc5092c1c5ac75c11085f89adbf865b8fd935bade2aeaac24e76627d2309a02efa8fa8931f42c5d3fa9deffb3c36ba3d6459d16f88ce0a4737806766752484db92f389cfb177d718268aa7a1b74e0fa38c515a54097931abd636e7cab7d3e2cd4736c2d02e6bd821f851f31567e16734f12d63dc650fda54798991be6048e66954003e677f4640a712b9f6ca65d18cea936861f2", 0xb8}], 0x6) dup2(r0, r1) 19:28:04 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 968.207927] loop6: detected capacity change from 0 to 8 [ 968.216621] loop2: detected capacity change from 0 to 96 [ 968.229299] FAT-fs (loop6): Directory bread(block 3) failed [ 968.229745] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 968.230633] FAT-fs (loop2): Filesystem has been set read-only 19:28:04 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) [ 968.246160] FAT-fs (loop6): Directory bread(block 3) failed [ 968.260034] loop4: detected capacity change from 0 to 96 [ 968.268268] loop3: detected capacity change from 0 to 96 [ 968.277987] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 968.278545] FAT-fs (loop4): Filesystem has been set read-only 19:28:04 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 968.306425] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 968.336966] loop2: detected capacity change from 0 to 96 [ 968.345601] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 968.346106] FAT-fs (loop2): Filesystem has been set read-only 19:28:17 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) signalfd4(r0, &(0x7f0000000000)={[0x1]}, 0x8, 0x80000) dup2(r0, r1) 19:28:17 executing program 7: shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:28:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x6c, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:28:17 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:17 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:28:17 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:17 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:17 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 981.130635] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 981.146990] loop2: detected capacity change from 0 to 96 [ 981.154712] loop3: detected capacity change from 0 to 96 [ 981.154840] loop6: detected capacity change from 0 to 8 [ 981.157963] loop4: detected capacity change from 0 to 96 [ 981.178681] FAT-fs (loop6): Directory bread(block 3) failed [ 981.180900] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 981.182146] FAT-fs (loop4): Filesystem has been set read-only [ 981.184298] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 981.185239] FAT-fs (loop2): Filesystem has been set read-only [ 981.191928] FAT-fs (loop6): Directory bread(block 3) failed 19:28:17 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x3, 0x3) 19:28:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x74, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:28:17 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:17 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x4}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000000, 0x2010, r0, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:28:17 executing program 0: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:28:17 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:17 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:17 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 981.349709] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 981.365230] loop3: detected capacity change from 0 to 96 [ 981.392291] loop4: detected capacity change from 0 to 96 [ 981.397098] loop2: detected capacity change from 0 to 96 [ 981.414207] loop6: detected capacity change from 0 to 24 [ 981.418056] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 981.419208] FAT-fs (loop4): Filesystem has been set read-only [ 981.424650] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 981.425782] FAT-fs (loop2): Filesystem has been set read-only 19:28:17 executing program 0: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:28:29 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 993.403383] loop3: detected capacity change from 0 to 96 [ 993.426083] loop2: detected capacity change from 0 to 96 [ 993.455160] loop4: detected capacity change from 0 to 96 19:28:29 executing program 0: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:28:29 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:29 executing program 7: r0 = open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1) listen(r0, 0xa12) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffe000/0x2000)=nil, 0x7000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x16) 19:28:29 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0xf50f, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:28:29 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:29 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:29 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x7a, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:28:29 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc", 0x2e, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 993.456003] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 993.467003] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 993.467932] FAT-fs (loop2): Filesystem has been set read-only 19:28:30 executing program 5: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) pwritev(r0, &(0x7f00000005c0)=[{&(0x7f0000000000)="da6051d54e147636dbc74615396db1f4ae7bda8cbd9c59ed05a2e6b71f3ee39edd6dddfab47c885e23fa7ad525b6a089de711f5ef1b3318d742714e210d5c3978ed82af77b159e9fbbb66c8c65c0c70affd478f22e16ddda0145da444c061e6a75babfaab980365c8d0d90782780ec4a28908e8310b7", 0x76}, {&(0x7f0000000080)="2b53e68369c50e7e85165c41a000364cd2e08f21859286308f1cceb44cae93fb46ef5b9a72df1a4998cc3fcc7ce632dcda47247fe7438096578fbf74a8ba4d319e8e5303de6236e9a8cf6f098f6880002f89be9cdb501ce49522227bbd50e80ea4", 0x61}, {&(0x7f0000000100)}, {&(0x7f00000002c0)="089ca8b2ff5503488ba076b8007d33fbb3e19f394590bd779c08a78dbf83c387bbb290565d3e6a4442a34006ab4f4c77f0eef78de036306ff7527acebba15b3b2412e3dce100a43c1b52bfaf9bbe9075f93af3a9499d9b86e601dcdc3a4974ddb7a4e78969aba0983d25cf540cdd700d826e96ff0548402e0b7e4f6e6e98d75f145990c7d4c8ddb0acb0a87fbe923079a415a0dafdc0054d417f64039e58eee010d849f449c6f876289daa17b6712527587a", 0xb2}, {&(0x7f0000000380)="fcf88108cde50dfa64fdb4097f458b853d72496005a39ca5821620ab8e13910f851961329ca6e84adf87e9e956b6c57022e587f891d0474d3a7eed778b7674e73076124699076b97e406", 0x4a}, {&(0x7f0000000400)="5aa31849f237c8551daa2b63e38f8daa9ecc9f29687b39dcdf86674c88f9a3e994ee8c156edfacf0faa476f24be495cc9da0024598e15bb1291902abe881dd105ba49291de0867904b0a1eb307be95fc7c298b4fa6c29de2ae35e77841bed37a4f9e411458213a499a23cc8295831b6c5f6d464189e1d582565c1547534b6ed343e5147b7f1cf6519388dc1f8d85dbefe54d632db5e2539268c8bea1300ee681105456851f2947bc5489ba3ee1cc5130373ba77b536d9d3c80bbec7a09b400837151", 0xc2}, {&(0x7f0000000500)="b43774594acdc16ffd88817173a16318748e3b4af0a2c3ed8cda6b38cc1245e2a76ec215ce69362ab07a78d9c67ced2347b34c7853b01348fd738de8b815e866c3e5272929f0296b37c0e9900eefc6dcee7db8b0b71c0a7e2d2759ea6b48865c455580015f6eaacc1e5132a909964662a07e3a44fe83d928358c643ba62f6ac59811e570c5f452c7cc17ff33d662e279ecace5c2783b77660f5b3e", 0x9b}], 0x7, 0x20, 0x6) r1 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r2 = epoll_create(0x4) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) dup2(r1, r2) [ 993.484285] loop6: detected capacity change from 0 to 24 [ 993.491142] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 993.491679] FAT-fs (loop4): Filesystem has been set read-only [ 993.512910] loop3: detected capacity change from 0 to 96 19:28:30 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:30 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 993.573367] loop2: detected capacity change from 0 to 96 [ 993.590669] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 993.591226] FAT-fs (loop2): Filesystem has been set read-only [ 993.606183] loop4: detected capacity change from 0 to 96 [ 993.611851] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 993.612849] FAT-fs (loop4): Filesystem has been set read-only [ 1005.916571] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1005.929669] loop6: detected capacity change from 0 to 24 19:28:42 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:28:42 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:42 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:42 executing program 5: pause() r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f0000000000)={0x40000009}) dup2(r0, r1) 19:28:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {0x0, 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:42 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mincore(&(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/114) shmat(0xffffffffffffffff, &(0x7f0000ffc000/0x1000)=nil, 0x7000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmat(r0, &(0x7f0000ffb000/0x1000)=nil, 0x800) 19:28:42 executing program 0: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(r0, 0x0) [ 1005.956147] loop4: detected capacity change from 0 to 96 19:28:42 executing program 0: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(0x0, 0x0) [ 1005.978933] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1005.980042] FAT-fs (loop4): Filesystem has been set read-only [ 1005.981933] loop2: detected capacity change from 0 to 96 19:28:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x129, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1005.993330] loop3: detected capacity change from 0 to 96 [ 1006.011050] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 1006.012036] FAT-fs (loop2): Filesystem has been set read-only 19:28:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:42 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:42 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000fff000/0x1000)=nil, 0x1000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1006.072691] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:28:42 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:42 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1006.129287] loop4: detected capacity change from 0 to 96 [ 1006.132964] loop6: detected capacity change from 0 to 24 19:28:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x300, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1006.156558] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1006.157634] FAT-fs (loop4): Filesystem has been set read-only 19:28:42 executing program 0: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(0x0, 0x0) 19:28:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1006.219506] loop3: detected capacity change from 0 to 96 19:28:42 executing program 7: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) fsetxattr$security_capability(r0, &(0x7f0000000000), &(0x7f0000000040)=@v2={0x2000000, [{0x3, 0x10001}, {0x5, 0x9}]}, 0x14, 0x1) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1006.223612] loop2: detected capacity change from 0 to 96 [ 1006.235568] FAT-fs (loop2): invalid media value (0x00) [ 1006.236358] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1006.252714] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1006.302273] loop6: detected capacity change from 0 to 24 19:28:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x500, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:28:57 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:57 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) r3 = syz_open_dev$vcsn(&(0x7f0000000000), 0x10001, 0x80000) syz_io_uring_setup(0x669, &(0x7f0000000040)={0x0, 0x19ee, 0x0, 0x2, 0x129, 0x0, r3}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000fee000/0x12000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) dup2(r0, r1) 19:28:57 executing program 7: shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x6000) shmget$private(0x0, 0x3000, 0x40, &(0x7f0000ffc000/0x3000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffb000/0x1000)=nil, 0x4000) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mincore(&(0x7f0000ffa000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/84) shmget$private(0x0, 0x3000, 0x1, &(0x7f0000ffa000/0x3000)=nil) 19:28:57 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:57 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300), 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:57 executing program 0: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(0x0, 0x0) 19:28:57 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1020.699574] loop4: detected capacity change from 0 to 96 [ 1020.707448] loop6: detected capacity change from 0 to 24 [ 1020.720547] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1020.721127] FAT-fs (loop4): Filesystem has been set read-only [ 1020.730544] loop2: detected capacity change from 0 to 96 [ 1020.733335] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1020.744881] FAT-fs (loop2): invalid media value (0x00) [ 1020.745275] FAT-fs (loop2): Can't find a valid FAT filesystem 19:28:57 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00000000", 0x10, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1020.757390] loop3: detected capacity change from 0 to 96 19:28:57 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e6", 0x17, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:57 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x600, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:28:57 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:28:57 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = fcntl$dupfd(r0, 0x406, r0) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r3, 0xf502, 0x0) [ 1020.889784] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1020.892051] loop4: detected capacity change from 0 to 96 [ 1020.901208] loop2: detected capacity change from 0 to 96 [ 1020.911108] loop6: detected capacity change from 0 to 24 [ 1020.913081] FAT-fs (loop2): invalid media value (0x00) [ 1020.913731] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1020.933435] loop3: detected capacity change from 0 to 96 [ 1020.950749] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1020.951840] FAT-fs (loop3): Filesystem has been set read-only 19:28:57 executing program 0: pause() r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f0000000000)={0x40000009}) dup2(r0, r1) 19:28:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:28:57 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1021.045376] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1021.061840] loop2: detected capacity change from 0 to 96 [ 1021.079806] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1021.080749] FAT-fs (loop2): Filesystem has been set read-only 19:29:09 executing program 0: pause() r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f0000000000)={0x40000009}) dup2(r0, r1) 19:29:09 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:09 executing program 5: syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r0 = epoll_create(0x4) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) 19:29:09 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4000, 0x0, 0x0, 0x3) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x2000, 0x0, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_io_uring_setup(0x33f, &(0x7f0000000000)={0x0, 0xf8e7, 0x20, 0x0, 0x28b}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff4000/0xc000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r2 = shmget(0x1, 0x3000, 0xfaa4d8f93ff04ffb, &(0x7f0000ffd000/0x3000)=nil) shmat(r2, &(0x7f0000ffe000/0x1000)=nil, 0x5000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x13, r4, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r5, 0x0, &(0x7f0000000000), 0x0, 0x4) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x13, r6, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r7, 0x0, &(0x7f0000000000), 0x0, 0x4) syz_io_uring_submit(r7, r1, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x8001) syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x4, 0x6000, @fd_index, 0xfffffffffffff461, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}, 0x401) 19:29:09 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e6", 0x17, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:09 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:09 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x822, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:29:09 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1033.416217] loop3: detected capacity change from 0 to 96 [ 1033.422633] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1033.423187] FAT-fs (loop3): Filesystem has been set read-only [ 1033.448584] loop6: detected capacity change from 0 to 24 [ 1033.449623] loop4: detected capacity change from 0 to 96 [ 1033.457477] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1033.460285] loop2: detected capacity change from 0 to 96 19:29:10 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770", 0x50, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1033.474553] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1033.475628] FAT-fs (loop4): Filesystem has been set read-only 19:29:10 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000140)) dup2(r0, 0xffffffffffffffff) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000001140)={0x0, {{0xa, 0x4e23, 0x9, @dev={0xfe, 0x80, '\x00', 0x1e}, 0x2}}, 0x0, 0x3, [{{0xa, 0x4e23, 0x3f, @loopback, 0xfffffff8}}, {{0xa, 0x4e22, 0xbc, @remote, 0xffffffff}}, {{0xa, 0x4e21, 0x1, @mcast1, 0xffffffff}}]}, 0x210) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r4, &(0x7f0000000000)={0x14}) 19:29:10 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1033.486593] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1033.487248] FAT-fs (loop2): Filesystem has been set read-only 19:29:10 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e6", 0x17, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:10 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x900, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1033.531598] loop3: detected capacity change from 0 to 96 [ 1033.538918] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1033.539469] FAT-fs (loop3): Filesystem has been set read-only [ 1033.588729] loop6: detected capacity change from 0 to 24 [ 1033.595640] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:29:22 executing program 0: pause() r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f0000000000)={0x40000009}) dup2(r0, r1) 19:29:22 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xa00, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:29:22 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:22 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmat(0xffffffffffffffff, &(0x7f0000ffb000/0x3000)=nil, 0x6000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:29:22 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:22 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e6803251000000000000416600", 0x23, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:22 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = signalfd(r0, &(0x7f0000000000), 0x8) sendmsg$DEVLINK_CMD_RATE_DEL(r3, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x0, 0x4, 0x70bd25, 0x25dfdbff, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @handle=@pci={{0x8}, {0x11}}]}, 0x64}, 0x1, 0x0, 0x0, 0x148}, 0x80) [ 1046.204195] loop3: detected capacity change from 0 to 96 [ 1046.208798] loop6: detected capacity change from 0 to 24 [ 1046.212287] loop2: detected capacity change from 0 to 96 [ 1046.215238] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1046.215425] loop4: detected capacity change from 0 to 96 [ 1046.223653] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1046.224205] FAT-fs (loop3): Filesystem has been set read-only [ 1046.242291] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1046.243499] FAT-fs (loop4): Filesystem has been set read-only [ 1046.246453] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1046.247557] FAT-fs (loop2): Filesystem has been set read-only 19:29:22 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/80) 19:29:22 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf00, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:29:22 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e6803251000000000000416600", 0x23, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:22 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:22 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) epoll_create1(0x80000) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:29:22 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1046.330423] loop3: detected capacity change from 0 to 96 [ 1046.334480] loop6: detected capacity change from 0 to 24 [ 1046.340652] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1046.345853] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1046.346359] FAT-fs (loop3): Filesystem has been set read-only 19:29:22 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:22 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x3) [ 1046.396696] loop2: detected capacity change from 0 to 96 [ 1046.412775] loop4: detected capacity change from 0 to 96 [ 1046.427334] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1046.427872] FAT-fs (loop4): Filesystem has been set read-only [ 1046.434226] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1046.435402] FAT-fs (loop2): Filesystem has been set read-only 19:29:36 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e6803251000000000000416600", 0x23, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:36 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:36 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x2208, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:29:36 executing program 0: pause() r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f0000000000)={0x40000009}) 19:29:36 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000", 0x56, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1059.785286] loop2: detected capacity change from 0 to 96 [ 1059.794367] loop4: detected capacity change from 0 to 96 19:29:36 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmget(0x3, 0x3000, 0x4, &(0x7f0000ffb000/0x3000)=nil) syz_io_uring_setup(0x1e23, &(0x7f0000000000)={0x0, 0x7d4e, 0x1, 0x3, 0x67}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 19:29:36 executing program 5: r0 = syz_io_uring_setup(0x21d9, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x80}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) epoll_create1(0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = epoll_create(0xd2) r4 = open$dir(&(0x7f0000000000)='./file0\x00', 0x480, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000040)={0x10000000}) 19:29:36 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffff", 0x8, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1059.815657] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1059.816256] FAT-fs (loop2): Filesystem has been set read-only [ 1059.844817] loop3: detected capacity change from 0 to 96 [ 1059.852659] loop6: detected capacity change from 0 to 24 19:29:36 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) socket$inet6_tcp(0xa, 0x1, 0x0) 19:29:36 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:36 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1059.861382] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1059.874231] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1059.874764] FAT-fs (loop3): Filesystem has been set read-only [ 1059.904499] loop4: detected capacity change from 0 to 96 [ 1059.911276] loop2: detected capacity change from 0 to 96 19:29:36 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c006500", 0x29, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1059.928072] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1059.928623] FAT-fs (loop4): Filesystem has been set read-only [ 1059.931284] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1059.931886] FAT-fs (loop2): Filesystem has been set read-only 19:29:36 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x29ae, 0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f00000000c0)='./file1\x00', 0xb7a, 0x2, &(0x7f0000001280)=[{&(0x7f0000001140)="ec15e2bf9710e2cf7fc9906b95f7553d394108587a60dc78cfbd93dcb604f4c14f05ef1324fad2aea46cb507ab7d60443635b954cd72fa3c9346b102cd3968c4d2618aa92c57799bd3de76a2fcb8c0146f1f50a2c3c87c4b512f2460a6ed3d95b3e7dca15c0c98b7abf06ca3890b3ebb1ff7eaadd197eb1be9ec6677c284ece1e7214467fe9de3e22e21856070eef93a72e752579a9191029dd1117d5706c84686b8f99ac6c3da12a39d7963638138f836d1bace268b9e7c40", 0xb9, 0x9}, {&(0x7f0000001200)="4e049dd65164aae596c0a73aa7d4150de7f77888f44a9d12c6e0924ca57ef1db521281888a7fa85ed74778c50ed920649546bf3ae7a71e8e9ae883dbb3b2c2fdca46290bf668aa7e110f1c1f0a0d00fa885bde6845dbb7e389c6dea89a2a3852a7dfc262c0c81dc476d804a3fa03aa8d0165a45e", 0x74, 0x302ad527}], 0x28000, &(0x7f00000013c0)=ANY=[@ANYBLOB="64acc88802d13bb0a161626f72742c666f776e6572291e0584230846ad688cefe41eba464069330fc23fd909fd6d19a2d025e0e6523fd08985dff0f5e40a095d7c2cf0071a76e4f96a668225a26f1f717d8e26d892841848d3dbc17c826a762ac32b9dfead5fd86be134ae2f09b92e7b28147fc1a10bf3c4a791a7e2d7c9b7f0705e33f64577ef697bacfc9906d3d169c459ddedb199e264988ec14d6057ff3c47d2c7dbef192f2b4111c87b0ae9b381ad88bdf4", @ANYRESDEC=0x0, @ANYBLOB=',smackfstransmute=\x00,\x00']) openat2$dir(0xffffffffffffff9c, &(0x7f0000001300)='./file1\x00', &(0x7f0000001340)={0x802, 0x2, 0x4}, 0x18) r4 = openat(r3, &(0x7f0000001380)='./file1\x00', 0x280981, 0x351) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r4, 0xf50f, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r5, &(0x7f0000000140)) dup2(r0, r1) 19:29:36 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x2901, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:29:36 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:36 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:36 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x0, 0xffffffffffffffff, 0x3) [ 1059.985970] loop5: detected capacity change from 0 to 264192 [ 1059.993720] loop6: detected capacity change from 0 to 24 [ 1059.996925] loop3: detected capacity change from 0 to 96 [ 1060.008344] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1060.008860] FAT-fs (loop3): Filesystem has been set read-only [ 1060.027361] loop2: detected capacity change from 0 to 96 [ 1060.029839] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1060.037216] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1060.037762] FAT-fs (loop2): Filesystem has been set read-only [ 1060.038532] loop5: detected capacity change from 0 to 264192 19:29:49 executing program 0: pause() syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r0 = epoll_create(0x4) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) 19:29:49 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:49 executing program 5: r0 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$KEYCTL_MOVE(0x1e, r1, r0, r1, 0x0) add_key$keyring(&(0x7f00000014c0), &(0x7f0000001500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) r2 = add_key$fscrypt_v1(&(0x7f0000001140), &(0x7f00000011c0)={'fscrypt:', @desc2}, &(0x7f0000001200)={0x0, "1ea53cc505b94c1995d1dfc70290f4423db60c3873696ef42abb0fa45bf6fce93c7b836deb6a28dd24bf0fa6b12193af309c4b031d3ffebbe584c6f9d3066207", 0x2e}, 0x48, r1) r3 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x5fd3, 0x36, 0x1, 0x1f1}, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r4 = epoll_create(0x4) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000140)={0x60000002}) r6 = fsopen(&(0x7f0000001180)='udf\x00', 0x1) r7 = add_key$fscrypt_provisioning(&(0x7f0000001540), &(0x7f0000001580)={'syz', 0x1}, &(0x7f00000015c0)={0x0, 0x0, @auto=[0x10, 0x12, 0x25, 0x3f, 0x1c, 0x17, 0x31, 0x2a]}, 0x10, r0) keyctl$KEYCTL_MOVE(0x1e, r7, 0x0, r2, 0x1) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) r8 = fsmount(r6, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r9, 0x5) ioctl$VFAT_IOCTL_READDIR_BOTH(r9, 0x82307201, &(0x7f0000001280)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) readv(r9, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) epoll_pwait2(r9, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x9, &(0x7f0000000080)={0x0, 0x989680}, &(0x7f00000000c0), 0x8) dup2(r3, r4) 19:29:49 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:49 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:49 executing program 7: r0 = shmget(0x2, 0x4000, 0x8, &(0x7f0000ffc000/0x4000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x80000001, 0x6, 0x4) 19:29:49 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c006500", 0x29, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x4800, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1072.581319] loop4: detected capacity change from 0 to 96 [ 1072.586601] loop3: detected capacity change from 0 to 96 [ 1072.589598] loop2: detected capacity change from 0 to 96 [ 1072.594099] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1072.594583] FAT-fs (loop3): Filesystem has been set read-only [ 1072.597584] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1072.598155] FAT-fs (loop4): Filesystem has been set read-only [ 1072.600766] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1072.601429] FAT-fs (loop2): Filesystem has been set read-only 19:29:49 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e77032", 0x59, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:49 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1072.632380] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:29:49 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1072.636276] loop6: detected capacity change from 0 to 24 19:29:49 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mincore(&(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f0000000200)=""/4096) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/233) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x3) syz_io_uring_setup(0x4105, &(0x7f0000000100)={0x0, 0x348a, 0x10, 0x0, 0x3d5}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) [ 1072.695678] loop3: detected capacity change from 0 to 96 [ 1072.697966] loop2: detected capacity change from 0 to 96 [ 1072.699337] loop4: detected capacity change from 0 to 96 19:29:49 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c006500", 0x29, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:29:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x4c00, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1072.717206] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1072.718325] FAT-fs (loop4): Filesystem has been set read-only [ 1072.721700] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1072.722606] FAT-fs (loop3): Filesystem has been set read-only [ 1072.725657] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1072.726635] FAT-fs (loop2): Filesystem has been set read-only 19:29:49 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1072.819738] loop6: detected capacity change from 0 to 24 [ 1072.828312] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1072.894835] loop3: detected capacity change from 0 to 96 [ 1072.915482] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1072.916500] FAT-fs (loop3): Filesystem has been set read-only 19:30:02 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x1, 0x3) 19:30:02 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:02 executing program 0: pause() syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) epoll_create(0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) 19:30:02 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x6800, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:30:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:02 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) r3 = openat$cgroup_freezer_state(r2, &(0x7f0000000000), 0x2, 0x0) preadv(r3, &(0x7f0000000100)=[{&(0x7f0000000040)=""/137, 0x89}], 0x1, 0xc62, 0x9) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) openat(r5, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000500)={{}, 0x0, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)={0x1, 0x3, 0x5, 0xffffffff, {0x28, 0x0, 0xe4, 0x5, 0x9}, [0x1, 0x13fdbcef, 0x81]}}, @subvolid=0x80000000}) r6 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000300)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_BALANCE_V2(r6, 0xc4009420, &(0x7f0000000900)={0x4, 0x4, {0x8000000000000, @usage=0x400, 0x0, 0xf5, 0x80d, 0x4, 0x855, 0x7f, 0x20, @struct={0xc421, 0x9}, 0x6, 0xff, [0x8, 0x4, 0x4, 0x809, 0xe70d, 0x7e10c57]}, {0x8, @struct={0x1f, 0x8}, 0x0, 0x401, 0x9, 0x4, 0xe24000000, 0x8, 0x411, @struct={0x6, 0x2}, 0xd89, 0x1, [0x0, 0x4, 0x8, 0x1f, 0x3, 0x81]}, {0x7, @usage=0x80000000, r7, 0x8, 0x3, 0x7ff, 0x7fff, 0xffffffffffffff44, 0x8, @struct={0x1, 0x80000001}, 0x3, 0x40, [0xac9c, 0x4, 0xfffffffffffffffc, 0xffff, 0xfffffffffffff001, 0x9]}, {0x10000, 0x6, 0x1}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000140)={{}, 0x0, 0x0, @inherit={0x50, &(0x7f00000015c0)=ANY=[@ANYBLOB="010000000000000001000000000000000100010000000000090000000000000012000000000000000900000000000000010000000000d21a3ebf097476480000070000000000000007000000000000000100000000000000", @ANYBLOB="586292c4d715b7767b8b246cebbc94016b8830195ae443585a16f6b12dbd3d1540e6b5b5b9a9c169dcd501b276c2ee1475664fbb6336cc7bfb53b826", @ANYRES32]}, @devid=r7}) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000140)={{}, 0x0, 0x4, @inherit={0x90, &(0x7f0000000040)={0x0, 0x9, 0x0, 0x8, {0x681a88ffb3009ddf, 0x852, 0x8001, 0xffff, 0x3ff}, [0x3, 0x2, 0xa000000000000000, 0x4, 0x0, 0xffffffffffffa750, 0x9, 0x10000, 0x6]}}, @subvolid=0x1}) ioctl$BTRFS_IOC_GET_DEV_STATS(r3, 0xc4089434, &(0x7f00000004c0)={0x0, 0xffffffff, 0x0, [0x6, 0x100, 0xfffffffffffffffe, 0xf2, 0x4], [0x7, 0x8, 0x5536ca8b, 0x10000, 0xde19, 0x1, 0x0, 0x1, 0x9, 0x7, 0x12, 0x2f3, 0x1f, 0x4, 0x5, 0x2, 0x7f, 0x40, 0x81, 0x3ac3, 0x9, 0x5, 0x40, 0x1, 0x5, 0x1a11200000000000, 0x5, 0xffffffffffffffe0, 0x8001, 0x2, 0xd190, 0x5, 0x6, 0x5, 0x3, 0x2, 0x40fb, 0x5f, 0xa0, 0x9, 0xffffffffffffff8e, 0x7, 0x8, 0x3f, 0x8, 0x45d, 0x762, 0x6, 0x8001, 0x6, 0x1, 0x7fff, 0x8, 0x6, 0x6, 0x0, 0x0, 0x9, 0x5, 0x0, 0x1, 0x0, 0x7fffffff, 0x6, 0x8001, 0x400, 0x2, 0x0, 0x8000, 0x7, 0x45, 0x1000, 0x4, 0x1f, 0x1000, 0x4, 0x6, 0x7, 0x5, 0x7f, 0x1, 0x8001, 0x7f, 0x0, 0x7, 0x6, 0x4, 0xff, 0x122, 0xffffffff, 0x6, 0x7f, 0x57c3, 0x101, 0x10001, 0x6, 0x4, 0x7f, 0x2, 0xfffffffffffffff7, 0x0, 0x5ff, 0x3, 0x3, 0x6, 0xffff, 0xa01, 0x10000, 0xd9, 0x729e, 0x1, 0x39, 0x8, 0x2, 0xc821, 0x7f, 0x189, 0xfffffffffffffffa, 0x6, 0x2, 0x9]}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000900)={{r4}, 0x0, 0x12, @inherit={0x68, &(0x7f0000000440)={0x0, 0x4, 0x800000003, 0xe919, {0x3c, 0x4, 0x8, 0x4, 0x30000}, [0x7f, 0x0, 0x100000001, 0x668]}}, @devid=r8}) syz_io_uring_setup(0x6fc6, &(0x7f00000002c0)={0x0, 0x9c56, 0x8, 0x0, 0x39f, 0x0, r5}, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000001900), &(0x7f0000000380)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:30:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00000000", 0x10, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1085.581678] loop4: detected capacity change from 0 to 96 [ 1085.592245] loop2: detected capacity change from 0 to 96 [ 1085.596074] loop6: detected capacity change from 0 to 24 [ 1085.600376] loop3: detected capacity change from 0 to 96 [ 1085.607521] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1085.608083] FAT-fs (loop3): Filesystem has been set read-only [ 1085.629538] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1085.630818] FAT-fs (loop4): Filesystem has been set read-only [ 1085.641731] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:30:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030", 0x2a, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:02 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e7703251", 0x5a, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1085.700050] loop6: detected capacity change from 0 to 24 [ 1085.700644] loop2: detected capacity change from 0 to 96 [ 1085.708462] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1085.708970] FAT-fs (loop2): Filesystem has been set read-only 19:30:02 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x42a4fd3f, 0x2, 0x5) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:30:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x6c00, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:30:02 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1085.730462] loop3: detected capacity change from 0 to 96 [ 1085.735985] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 1085.736609] FAT-fs (loop3): Filesystem has been set read-only 19:30:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030", 0x2a, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:02 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:02 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000000)={0x40000004}) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r5, &(0x7f0000000140)) dup2(r0, r1) [ 1085.792214] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1085.804841] loop4: detected capacity change from 0 to 96 [ 1085.808089] loop2: detected capacity change from 0 to 96 [ 1085.813087] loop6: detected capacity change from 0 to 24 [ 1085.823884] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1085.824523] FAT-fs (loop2): Filesystem has been set read-only [ 1085.844873] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1085.846242] FAT-fs (loop4): Filesystem has been set read-only [ 1098.147849] loop2: detected capacity change from 0 to 96 [ 1098.171135] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1098.171735] FAT-fs (loop2): Filesystem has been set read-only [ 1098.173343] loop6: detected capacity change from 0 to 24 19:30:14 executing program 0: pause() syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) epoll_create(0x4) 19:30:14 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:14 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)) syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x4, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000000)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd_index=0x1, 0x2, 0x0, 0x100, 0x5}, 0x8001) r4 = epoll_create(0x4) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000140)) dup2(r0, r4) 19:30:14 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) mincore(&(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000380)=""/4096) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x4000, 0x54000000, &(0x7f0000ffb000/0x4000)=nil) shmctl$IPC_RMID(r1, 0x0) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x0) 19:30:14 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030", 0x2a, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:14 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:14 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x7400, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:30:14 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1098.196446] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1098.200699] loop4: detected capacity change from 0 to 96 [ 1098.205884] loop3: detected capacity change from 0 to 96 19:30:14 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x2}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000001340)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000140)) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x628}}, './file0\x00'}) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000001300)=[r1], 0x1) r5 = syz_open_dev$usbmon(&(0x7f0000000040), 0x3, 0x201800) ioctl$BTRFS_IOC_SNAP_CREATE(r2, 0x50009401, &(0x7f00000002c0)={{r5}, "81e6c41c33b0508a9f0c72fa86b72835f37b24e4db150f4d69eef03ab87a20ec21b8bca8baf2a34c6a2c535a29fc44fac48a67204d06dca75b9326e3106b5302dba54f06c686ab020a86da8e8c4b1d81a84b758d58ef2f9c582ff8cd6614eea8b3766edfdae7f50c54fd6b2f8f7385704c7d6e45c38eb47dfe112934bbebed76576191fe41af3c01d4f34f57eb3019166a8a22b26e38bda45385a4921b711a618cf030bb8c4e944a2c5e8e653418e313c478c27412ea47da537a47a9056fcfffd5831897a024a8bec47beb2eda9e867eb86b6713fad5c93c7372a34d05faaa040115fa9b3002bddf57390ca739621d7d2eadb20954b4377e2a4d07295ab64858f20615d08264103e1237c05b63ad722f66d9ee040c4742e70d624da9be73d368b57c94ea8af5c455bfe34a71333d6ccf7b695e4241bb8decb0d4d6935d6908a89d0f0d40b7c6b47635f29e8c15b846df7deba389eaded22f8bc73bfcada05571930496ccd94ad75aca6ac707eeeedc30a84cf1b783f19288be9f0025977149029d94d5203eef75f0774d8f368ff6813513fef6016ab840041290f46a792cb0e93c445ad12b40dd538f517a40438614fdb50cb4b63a96408f54926ddcbdbbc8b67c992a3a5b6b53d7f8052f969ca7833fda38cff65eee522c5e2be3b52384f65e6b717b8da9f937d14b38447e27ed863bded72a8dc5dec7a677c35d32c73bdfa7d53df312d2b9fde98e8a154ee097a0811f0e66a0ebf4f6b977ccf7179b4c082c400f96b4ff90d1117e224f738ff1cf956768df8fa3c476d6693d3bc1fea77f19ad921cb64408c2546922efba8f44f4803942dfd7e0c6859f37c9686fd50c2dc8c64207d63a3b69713cfec1c1b4d5d649edb8e871e1e8974048baa580810edbfee864f4aca9273dfdb512f92a22dc6b0e8d05b523261a96d0849d30a0a1e3f95ddb6204bd8715ba4a8bed1e80b596ad5835b2d1b3c05add3683881fe054322ec87423eb8f9d30a2958dbfc2fd4f422c1534eadeeec810e851e9223aeb828a1edaa16c3610a59bef261fae82cee63c9b61e98e24eac5679d8b57efcb5fef424e132c0f93b6db5929f4040628914baa4fa32097b105fc19935164d5341abdb096760538a506c594b3ba3563fbd2b521cbc098a7229089c9cd4484226f546d3af5d1aa62030f9261a4ce0f76e575241b25adc6609c706a7c86eda2704c4a70d89ce6864e13623bf10497d6f725cc1d473c93a1b446141e7d2376d389a78034873e8bc581a27266a63e5723922cd9bdeedd566847a736673613eed28ca556932a84091e9b456de9db91ccc2222a4558e8c376487eecef9c59454512c6e9cc210b08415ccb7eaafe97b5a7a14a8f0dce3162d61465da6f8130b961348ee5596e9944caaa090a1cde3d01609f7859c9e203bf31d9986da1c8e5a002b61418fbfa9726d7a5445f4f2aa3ba2ddcd12f0ee6033f031fe1c5ce4d1ce97d8772e2e54d1460cb3d4bd10d7150f18c57936cd1c241f071aed42e04f517c112e518191e57ac8037321434cb8ac19a187dc8a09742f376d4a8d5efc8ee5a081b926da9acb104c2faebb9736f2968661477b7be2de1105abcf5edefff5731aa7c64ce0ec01925747ca2386846a5ef8ea19922fc3771041ca5f3a5114637dd7ca7945f542a803d078be984fdec3e298b7c10c146359a87aabd4bfe7226336e7ac8952b91005185b089b95055262b05ca8143d3889da1f754f5f9443c609396d7fd6246cb111ba9304b3b09118396be2e6e732eb80736daa8d2cf5f2c3137740d85fecf19faaddb619a94de55f5b683302bf0d594ce92a8ef5b8977f820aa08d93db5fcb1844014cbb4260b7163fef0b1773d49703228792994b51b399a1d5aa2dbaf917eee5be01c92dde5e5d49fe53ee0c168e7005bf20d6ac657fefa32274cf10748288fd99006a2e33c8bcb22184e0d22bafef45700a7e3929cbf7089bdb9caeaacd27cdd78865ff59bf4b4930bece0df60a0c4e2e4e60d23c5c9f20f733413c409776a7166d6c707f7b5a3a8dcab8c1e7ad57945a5eaceec86f56869c4172dec5d0cb60d376e310c5f61ae17380650c0baf7af488e19513eff6574a34e7c9e0beb53bc24e08219779bb7a306d2eefb908e1f8900f8009892e33f78baaaad00fa18854c32bae3c66d15cd150cc841d0a7281571e27051a91980cdf14ffbc942f2d9a1b5d99ae94b270822f6b75faf7a88450980b6a3ebe019017af293b851e60523a3decc6d43d39ec03817d81eba4154085a61f21b11f52a4b86aeba40e8f5f4da64e19781cab3ae26a6299ded5429c237570e9319932684a90ad8e70b95d57f04a04b08b8cbe52e63a931c07b4a105e567d94bdceea3533249feacc541ed2f8f87ff870631c1921589153b3a98bb2dc64a0b95ee73a7f9cf7c0a3fdb0f83ef9c827867d089fd5875ff51fd0cfd98fe4ab8aeec767f4631ffb5eb8dfc2b46b1fce7b10d5bd0abc8aa6450a6332f015c00723c5c1418576be88e2ef80837a835be5b99fc60783e91d90cf7da24526bec2404e20d4dd772fc5e03b01848690d6fb392966f792fa0bfa6fa7f9f71a7d0d167a7743ac2e90e3906368b68d8f5d11c15456242ae6ef26ea2b8510b0c126c414be2bd9b9743f1333caf16f8ce5a4b8106d03083c54b5a5d380403d31eb6bd8ca89a8f68a86dd542aa7465131772b0a2574bc98235fcdba31f50c09c99882d31fef37c9c5324d810068fec78c6256faa1dd45d974d960c71a18f93fd00a35df3bdff9daea7ecde2701f53c47a009b93fa04f47949658a1ebb28c2e2bc4cbd1af9f8bc7e8625eb317247cf7fdc8a9ac33bb62868674ec7e9ff13aff1c4cca294ccc0935df4bbca2e815399557e9845b41e3871952b97098d6d742c8acb2c1098fd305efe44b1d6706f12f93942b972131bcef75b57420e838e268e53398bd75091f2e871f410e4380a5fe34b4873b888f86a379c242f48087f47076f887b8beda0e0dd561d2a7f820929a33fba5dc120dd990a5d939d3bac2801e0fe38ceb64ce125dee5798efdcf26a1729038fa2d5eb26c3f829174d2045c4c9efeb0e0f2b44f2ff4723c0e40e6bcabe79fc11a7f88f7c2ce04360905eb413880d6e647a3ab02fc3e37f485cf8b13a0c6b37fb8ff2ab99fc1905cb5317c081748f1b1cf295dca52138892dd8b0ec7c501aaee52213d1f9944c537520a1a951c788ffb279bf91ab84ae5365183fa0e9efe7b46e29f9b8d4bb803c011d4ec8713a64cfe094a2119bef1d07d6616a5852d18293bc36a0a6024b6db07e4875dcf6531ca081b4857bfa6bcbfc34ba62d7feddf6e15eef7f61f0c02be2effcd6edf506a477d388879901c2ff8dda9a50790613788f202fee6d25980a45ea1149c13d9a74685e11b83612bb9de3a0bcc018d64026584c9a4b1850a8cd6787399f83fcd9a69aab60744d829b0ecb022576268c4022b8e0df2b308a6541f592b352a1141bc9860e7df9346229c8878751d39b533a80dbc8a00b31805057a8ba92ba20b54def89eeb91cab361964b163a095c234f687a68ddd94fd286ea37e85f97bc03d3ceca437125412c566209f784d30a8393e304f251213cd75f92bebf97199e1307dece857bc1da7a8626a3828ef3450bdad7204d9a9c45260e373b350784d2ce4810d475f9dd64021da33d00f215faa59fe50e54a3df840de70e240d8a35a5412edea33ab882c3b6b26af779f92d4fc278a6e8dfc3eda7b102b15b90e637137bbcec02b5039afc173158c456341184ae0c12e900f7f5375259871121498f5b271bb73cf05b1a36a46e7c81e65daba4572218e3dc633e00af0fc6d41bf92ad6aa6f338ba719fb9394e6fd7149d8ad3e53b58177f52208bd2d51803025b422453a9631e1db72d6e1d9f7eb7e09897952437de416f2cc494436f3e428bfe93e65a9c14d195a5b91297fc7f9264528465368eb7290e5c2f91c04fb5a9913fd6f1543036ac94c95fd2439159786448f222c3fdaba5d8785a57a793c168358b40bfc5c54cb89f077f867973a96ca18c0164c97cff2ff269736fcfd47e2da8f0a0dab161e2fe035ef9df93d57cd4575918543443fa92585d9530f0f6fb62b094ee5b46268c5a5f229e50666a2d22ec2a78cbd4093e627c5200efb20cd0c5fa9dd92e1e9e0d61b05494eb4dd0e184b5dc8770e480689cd2ae8523a43a72dab80b4cb8af5c26a961b65dcce1cdf08a37ec100bb37e1f8268da5ffceec148b5b135d75c017fafc065911a56ae9e630bb3cf2b6afaa3dfbb5aa80245cec65cd63f1a282b820dee78fccf911226ee7df954a164ba62aabeddb264d0f9acfd3e652527a5258952583d377c555403fa083d30e30372548ec1126534c48152a3e90223070312d801dd25949194f59dc0f882dbd62102e4bc4cf3466c9c7caed82717e2ab07d1a1f669a35704bd863536051da5e6215903ef9232132572c7459cf168ddc8e2f994a220e2fa047b3ce95351238bafc93f18f3989123f8e6f0b159ddd073647795b0551675b21a3841118c40b0d52bfd73780cfee2bbee4cd5c9cec3326d6926db93d27aac485adab09ecae9fa6a5ae038e039baa4a5a090d8dd0cd3b988ab5d47b7723e4ad2a28a117ff45d9e19025e124cc2ae4fcfe4e49f7c371f75104cb4dddca6179eb11c4b6c9cb69e7b4c09d46d9db39c2c3f20bfac03134bbfa8e75edf5165e3794f422e0a480cd452f2bffb9a60e169d79f680828291c0d1a888307671bb7acded992a2d220d15bc99aca9c275ab6434c525925d854cc0384716fbc8b9f098dd2a90f7f34691e6a9b7a77004e60592f67ff76a68dc5faef964d8ce785994a9c26fb62f7b668af0555b1cfeba6e73058095b446c22d0bacb96becc5f9ef465bc2798937f50646ab68f6c74c93112af8508df257a08258fb9e9a185f6aee56afaf241a5cde0bb46931a8b75bd6b2f8e74c2f9ed9bcbb78a3d9a8f58a6265f6c8409c743f10732fa2fbfd3f1673140e5e4ba9cd3824c2e40ca583bf2206cb04a345e9464d022706dbbc54197cda96e4542fa4d464fefa71f81468688c283b9c45cfde29ceda16a039d739bb8e3024d70f84c43af4f0cdb90b28588da0c0d1a10a1df68b9bea6b69c17b0d9a3ee020afb630786dbe871a88db79ae3c2e62e25492f401bf37b4cb6d2b55835e61a2f265de7404779f91c3197739fb32fac8990c89666e444daaa87de28108950ff3c045a5cf16bbff45a6a51a1385cb4e2c3b8c465ec9ae049f9e3d93d976cdfdf344b4158f29435002e389b82a92a64567b277c52dc0d9cbbbf4e3a9d6fdfd2ef0a9e779d1e17b47d037dacaf70e37e7f521d40717ed7752a852f18bdb93a5897cf19f7fdb7f2be34b25110daa3144b872786676b96c4d52493d86f019f742975a879af2ce04cd13a99f13390192e7873518be8e19b5517f6deba8109fb9166c1a2bd6478f29e7365cabe3dbd262ef8f09a848bbbcafecdc0bf01392edb87d6fc48cfb85071c45d493aedc601380d9e81cab8228a2413d248753836f903a4b82083d1b1656e60cb9f7e6002826e3f84b57b9509c736827584412905fa765fbeca0d7b0a9025cefc7cf3c684e8b0a390b81af3b13936941e92153bc61b4bf2f8ec4d7a0c00b845c0c89ec5f75dbef7195b6e4dd923f2020369793ca3270d202aa2b6c456e45252a42a81aa2dd0eafcc75878452aae88711f7ad5a272f26140cf2556826559dcb343980b3feaaf6c8589e78c34c62f865b721ea91d07903727ed7ca9d70b603acc4eed4a1"}) syz_io_uring_setup(0x1918, &(0x7f0000000080)={0x0, 0x30f9, 0x1, 0x1, 0x3a1}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000100), &(0x7f00000012c0)) dup2(r0, 0xffffffffffffffff) 19:30:14 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffff", 0x8, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:14 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x7a00, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1098.232205] FAT-fs (loop3): invalid media value (0x00) [ 1098.232976] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1098.238126] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1098.239299] FAT-fs (loop4): Filesystem has been set read-only 19:30:14 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x40000, 0x3) r0 = shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) 19:30:14 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c0065003000", 0x2b, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1098.294260] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1098.300597] loop2: detected capacity change from 0 to 96 19:30:14 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:14 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1098.346849] loop6: detected capacity change from 0 to 24 [ 1098.358623] loop3: detected capacity change from 0 to 96 [ 1098.359976] loop4: detected capacity change from 0 to 96 19:30:14 executing program 5: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r2, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r3 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r4 = epoll_create(0x4) r5 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x0) r7 = openat(r6, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r7, 0x5) readv(r7, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) epoll_pwait(r7, &(0x7f0000000080), 0x0, 0x44a40ca0, &(0x7f00000000c0)={[0x2]}, 0x8) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r8, &(0x7f0000000140)) dup2(r3, r4) [ 1098.367828] FAT-fs (loop3): invalid media value (0x00) [ 1098.368238] FAT-fs (loop3): Can't find a valid FAT filesystem 19:30:26 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1110.178841] loop4: detected capacity change from 0 to 96 [ 1110.189529] loop3: detected capacity change from 0 to 96 19:30:26 executing program 0: pause() syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xac1b, 0x0, 0x2, 0x41}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) 19:30:26 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000000)=0x2) 19:30:26 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:26 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c0065003000", 0x2b, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:26 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000004, 0x10, r0, 0xd95c9000) mremap(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/252) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffa000/0x3000)=nil, 0x6800) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:30:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1110.200333] FAT-fs (loop3): invalid media value (0x00) [ 1110.200775] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1110.207187] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1110.216331] loop6: detected capacity change from 0 to 24 [ 1110.225690] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1110.226841] FAT-fs (loop4): Filesystem has been set read-only 19:30:26 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x0, 0x5, 0x3) [ 1110.238710] loop2: detected capacity change from 0 to 96 19:30:26 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1110.251380] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1110.252243] FAT-fs (loop2): Filesystem has been set read-only 19:30:26 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c0065003000", 0x2b, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1110.283750] loop3: detected capacity change from 0 to 96 19:30:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x30000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:30:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:26 executing program 7: r0 = shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) io_uring_enter(0xffffffffffffffff, 0x0, 0xa2e7, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r3, 0x5) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x0, 0x0, &(0x7f0000000200), 0x302a040, &(0x7f0000000400)=ANY=[@ANYRESHEX=r0]) chdir(&(0x7f0000000140)='./file0\x00') r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x181042, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="00000000000000002e2f66696c65310000116d8e714645aca27e38a0de322c8e5e4f868e63c4cfde2caadecd601d3855276c44215579ccb5b62a88ba55fa98f0b8a71a2346bc167532eaef74e0090036b4eba8079749faa2e018aef990012f8755abc7b6e555b79432ece2a10ffd2cbce437fbe34b3a9dfdd38f8326"]) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24880, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x9, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r4, 0x4, &(0x7f0000000240)='\x00', &(0x7f0000000300)='./file2\x00', 0xffffffffffffffff) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0xff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000040), 0x5}, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) sendfile(r5, r4, 0x0, 0xfffffdef) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1110.313936] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1110.329428] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1110.330555] FAT-fs (loop3): Filesystem has been set read-only 19:30:26 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:26 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) readv(r0, &(0x7f0000000580)=[{&(0x7f0000000000)=""/206, 0xce}, {&(0x7f0000000100)=""/7, 0x7}, {&(0x7f00000002c0)=""/9, 0x9}, {&(0x7f0000000300)=""/171, 0xab}, {&(0x7f00000003c0)=""/167, 0xa7}, {&(0x7f0000000480)=""/225, 0xe1}], 0x6) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r5, 0x5) readv(r5, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000600)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x1f, "5ba47441c7694c"}) ioctl$BTRFS_IOC_INO_LOOKUP(r5, 0xd0009412, &(0x7f0000001600)={r6, 0xffffffffffffffff}) 19:30:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x34000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1110.372390] loop6: detected capacity change from 0 to 24 [ 1110.374200] loop2: detected capacity change from 0 to 96 [ 1110.405468] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1110.408127] loop4: detected capacity change from 0 to 96 [ 1110.415966] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1110.417221] FAT-fs (loop2): Filesystem has been set read-only [ 1110.428110] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1110.428778] FAT-fs (loop4): Filesystem has been set read-only [ 1123.820236] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1123.827239] loop4: detected capacity change from 0 to 96 19:30:40 executing program 0: pause() 19:30:40 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:40 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:40 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:40 executing program 7: r0 = shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffa000/0x1000)=nil) shmat(r0, &(0x7f0000ffa000/0x1000)=nil, 0x7000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffa000/0x3000)=nil) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x8) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x1000) 19:30:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x80000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:30:40 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:40 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x1}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) [ 1123.836335] loop6: detected capacity change from 0 to 8 [ 1123.839191] loop3: detected capacity change from 0 to 96 [ 1123.840770] loop2: detected capacity change from 0 to 96 [ 1123.843922] FAT-fs (loop6): invalid media value (0x00) [ 1123.844443] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1123.849648] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1123.850200] FAT-fs (loop4): Filesystem has been set read-only [ 1123.871068] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1123.872406] FAT-fs (loop3): Filesystem has been set read-only [ 1123.876469] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1123.877598] FAT-fs (loop2): Filesystem has been set read-only 19:30:40 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:40 executing program 5: pipe(&(0x7f0000000000)={0xffffffffffffffff}) r1 = syz_io_uring_setup(0x650f, &(0x7f00000000c0)={0x0, 0x0, 0x2d, 0x1, 0x6, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180), &(0x7f0000000080)) r2 = epoll_create(0x4) fallocate(r2, 0x39, 0x4, 0xfff) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/ldiscs\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) dup2(r1, r2) 19:30:40 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x400300, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:30:40 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ff5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmget(0x0, 0xb000, 0x78000000, &(0x7f0000ff2000/0xb000)=nil) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1123.946911] loop6: detected capacity change from 0 to 8 [ 1123.954782] loop4: detected capacity change from 0 to 96 19:30:40 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1123.962697] FAT-fs (loop6): invalid media value (0x00) [ 1123.963153] FAT-fs (loop6): Can't find a valid FAT filesystem 19:30:40 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1123.977072] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000000f) [ 1123.978268] FAT-fs (loop4): Filesystem has been set read-only [ 1123.988276] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:30:40 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1124.020295] loop3: detected capacity change from 0 to 96 [ 1124.035295] loop2: detected capacity change from 0 to 96 [ 1124.045775] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1124.046417] FAT-fs (loop2): Filesystem has been set read-only [ 1124.050759] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1124.051943] FAT-fs (loop3): Filesystem has been set read-only [ 1124.057954] loop6: detected capacity change from 0 to 8 [ 1124.062950] FAT-fs (loop6): invalid media value (0x00) [ 1124.063418] FAT-fs (loop6): Can't find a valid FAT filesystem 19:30:53 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:53 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:53 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmget$private(0x0, 0x1000, 0x4, &(0x7f0000fff000/0x1000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x37db, &(0x7f0000000000)={0x0, 0x6f2c, 0x2, 0x0, 0x97}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:30:53 executing program 5: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) fsmount(r3, 0x0, 0x7e) r5 = openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r5, 0x5) readv(r5, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ftruncate(r5, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r6 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r7 = epoll_create(0x4) fsmount(r5, 0x1, 0x84) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000140)) dup2(r6, r7) 19:30:53 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xe0ffff, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:30:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf00, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1136.535592] loop2: detected capacity change from 0 to 96 [ 1136.536820] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1136.541356] loop4: detected capacity change from 0 to 96 [ 1136.557617] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000000f) [ 1136.558264] FAT-fs (loop4): Filesystem has been set read-only [ 1136.562616] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1136.563232] FAT-fs (loop2): Filesystem has been set read-only [ 1136.566295] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1136.567556] loop3: detected capacity change from 0 to 96 [ 1136.579784] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1136.580422] FAT-fs (loop3): Filesystem has been set read-only [ 1136.587264] loop6: detected capacity change from 0 to 24 19:30:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf0ffff, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:30:53 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:53 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1136.639622] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:30:53 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:30:53 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1136.672690] loop4: detected capacity change from 0 to 96 [ 1136.680920] loop2: detected capacity change from 0 to 96 [ 1136.684258] loop3: detected capacity change from 0 to 96 [ 1136.695562] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1136.696139] FAT-fs (loop3): Filesystem has been set read-only [ 1136.714719] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1136.715325] FAT-fs (loop2): Filesystem has been set read-only [ 1136.733836] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000000f) [ 1136.734912] FAT-fs (loop4): Filesystem has been set read-only 19:31:06 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:06 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x1000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:31:06 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1150.127989] loop6: detected capacity change from 0 to 24 19:31:06 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:06 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000000000)=0x8000, 0x1, 0x4) r0 = shmget(0x1, 0x1000, 0x4, &(0x7f0000ffe000/0x1000)=nil) shmctl$IPC_RMID(r0, 0x0) 19:31:06 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x4, 0x0}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3, r5}}, 0x1) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000000140)) dup2(r0, 0xffffffffffffffff) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x402, 0x0) r8 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x13, r9, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r10, 0x0, &(0x7f0000000000), 0x0, 0x4) syz_io_uring_submit(r10, r2, &(0x7f0000001180)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r5}}, 0x20) fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) r11 = fsmount(r8, 0x0, 0x0) r12 = openat(r11, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r12, 0x5) readv(r12, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) renameat(r7, &(0x7f00000002c0)='./file0\x00', r12, &(0x7f0000000300)='./file0\x00') 19:31:06 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:06 executing program 5: sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x200, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x65}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x40040c1}, 0x1) r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) readv(r1, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/182, 0xb6}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/240, 0xf0}, {&(0x7f0000001480)=""/112, 0x70}, {&(0x7f0000001500)=""/71, 0x47}, {&(0x7f0000000100)=""/40, 0x28}, {&(0x7f0000001580)=""/92, 0x5c}], 0x7) 19:31:06 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1150.184966] loop4: detected capacity change from 0 to 96 [ 1150.187246] loop2: detected capacity change from 0 to 96 [ 1150.190270] loop3: detected capacity change from 0 to 96 [ 1150.191221] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:31:06 executing program 5: write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000001140)={{0x7f, 0x45, 0x4c, 0x46, 0x40, 0x1f, 0x3f, 0x8, 0x7fffffff, 0x2, 0x6, 0x763, 0x24b, 0x38, 0x3a7, 0x22000000, 0x8, 0x20, 0x2, 0xae, 0xede6, 0x8}, [], "767e1f58dc51f81b44859ca6604831570a0d1aaf982e8b8c3713f7d9edd6968d42d05ecaaae6e3037172a9c582aec1747279133e14ceaaa012e479d7501d514a5cdacd38d19f3b7fcf764cb95eae9f450bd76da710824a8b6fef03140d8cc2dcdabe56ec1a9dfc5a65050a5fc3df30c095abd768d06575493b14779dd8a72f94184e8a82d365da123a6b486a05ec566ea380817c63c1078c7cd298f209e84ccbfb08e0a4fa41e65c90e281afcc98e02ae4e2a3aa725b940ab507864cd7488968bbde5f8d246dad35ef0d4372d38f72e7b2d47240ad2b5067748de91dc7e11181e79517cdecbebf4dd0ba21363ae6be38d56460613c98f7390d35bc0586cdbb94ec0f91"}, 0x13b) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r2, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r3 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r4 = epoll_create(0x4) mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x1000002, 0x4000010, r3, 0x10000000) r5 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x0) r7 = openat(r6, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r7, 0x5) readv(r7, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r7) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r8, &(0x7f0000000140)) dup2(r3, r4) [ 1150.211533] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1150.212116] FAT-fs (loop4): Filesystem has been set read-only 19:31:06 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mincore(&(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000000)=""/4096) [ 1150.223031] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1150.223594] FAT-fs (loop3): Filesystem has been set read-only 19:31:06 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:06 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:06 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:06 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x2000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:31:06 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) fsmount(r3, 0x0, 0x7e) r5 = openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r5, 0x5) readv(r5, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ftruncate(r5, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r6 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r7 = epoll_create(0x4) fsmount(r5, 0x1, 0x84) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000140)) dup2(r6, r7) [ 1150.298209] loop6: detected capacity change from 0 to 24 19:31:06 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xd0be}) ioctl$BTRFS_IOC_DEFRAG_RANGE(r3, 0x40309410, &(0x7f0000000040)={0x20, 0xcc0, 0x1, 0x4, 0x1, [0xf8e7, 0x3ff, 0x8001, 0x1]}) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) openat(r5, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) write$binfmt_aout(r5, &(0x7f00000002c0)={{0x10b, 0x7, 0x8, 0xb9, 0x222, 0x4, 0x1b0, 0x5}, "173a5acc37ce07a4c11621b6408a08de8754d030c80ecd6d70ff76b1747eb3f6b3a41bdb9c97a2e257f2780b92f4dbf89db76ffec48cdbbfaa22e472c4e8c7a2d6d145e3b16a4f7ab4735959544a7e7066bfed2761654d7e0e53b1aef8e18febc4267119f2aba80c0e3fef78a8e62b58ee477610a2d494afd26c64b0aaeabdb2b844929a6c18095bb0a94742367b78140ecef197324ff56803d191eb1126", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x8be) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) [ 1150.336175] loop2: detected capacity change from 0 to 96 19:31:06 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mincore(&(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000040)=""/139) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8000, &(0x7f0000000000)=0x1ff, 0x7, 0x5) r0 = shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x4000) [ 1150.352916] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1150.353595] FAT-fs (loop2): Filesystem has been set read-only 19:31:06 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {0x0, 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1150.371352] loop4: detected capacity change from 0 to 96 [ 1150.380716] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1150.396439] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1150.397077] FAT-fs (loop4): Filesystem has been set read-only [ 1150.403427] loop3: detected capacity change from 0 to 96 19:31:06 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) 19:31:06 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1150.428485] loop6: detected capacity change from 0 to 24 19:31:06 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = syz_io_uring_setup(0x7b7d, &(0x7f0000000000)={0x0, 0xfa93, 0x0, 0x2, 0x3e3, 0x0, r0}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r2 = epoll_create(0x4) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000008, 0x50, r1, 0x10000000) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x10000, 0x0) fsmount(r5, 0x0, 0xf) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r4, 0x0, 0x0) openat(r6, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) io_uring_enter(r6, 0x6c51, 0x8489, 0x1, &(0x7f0000000100)={[0x5]}, 0x8) dup2(r0, r2) [ 1150.436805] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1150.438132] FAT-fs (loop3): Filesystem has been set read-only 19:31:06 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:07 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300), 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x3000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:31:07 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:07 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mincore(&(0x7f0000ff9000/0x2000)=nil, 0x2000, &(0x7f0000000040)=""/32) [ 1150.557423] loop4: detected capacity change from 0 to 96 [ 1150.569175] loop2: detected capacity change from 0 to 96 [ 1150.588686] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1150.589381] FAT-fs (loop4): Filesystem has been set read-only [ 1150.591757] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1150.595421] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1150.596440] FAT-fs (loop2): Filesystem has been set read-only 19:31:18 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x4000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:31:18 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:18 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:18 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r2, 0x0) [ 1161.681987] loop2: detected capacity change from 0 to 96 19:31:18 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) r4 = open(&(0x7f0000000040)='./file0\x00', 0x2000, 0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000080)={0x2012}) dup2(r0, r1) 19:31:18 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300), 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:18 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:18 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_LOCK(r0, 0xb) shmget$private(0x0, 0x3000, 0x40, &(0x7f0000ffc000/0x3000)=nil) shmat(r0, &(0x7f0000ffb000/0x1000)=nil, 0x3000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x1000) r1 = shmget$private(0x0, 0x4000, 0x4, &(0x7f0000ffb000/0x4000)=nil) shmctl$SHM_STAT(r1, 0xd, &(0x7f0000000000)=""/80) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1161.691268] loop4: detected capacity change from 0 to 96 [ 1161.697738] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1161.701087] loop3: detected capacity change from 0 to 96 [ 1161.707945] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1161.708525] FAT-fs (loop3): Filesystem has been set read-only [ 1161.732641] FAT-fs (loop4): bogus number of reserved sectors [ 1161.733998] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1161.744166] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1161.745417] FAT-fs (loop2): Filesystem has been set read-only [ 1161.750615] loop6: detected capacity change from 0 to 24 [ 1175.533814] loop6: detected capacity change from 0 to 24 19:31:32 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:31:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x5000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:31:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:32 executing program 5: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r2, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r3 = syz_io_uring_setup(0xda7, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r4 = epoll_create(0x4) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000140)) dup2(r3, r4) 19:31:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:32 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300), 0x0, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:32 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1175.546739] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1175.577866] loop4: detected capacity change from 0 to 96 [ 1175.583708] loop3: detected capacity change from 0 to 96 [ 1175.586205] loop2: detected capacity change from 0 to 96 [ 1175.596070] FAT-fs (loop4): bogus number of reserved sectors [ 1175.596501] FAT-fs (loop4): Can't find a valid FAT filesystem 19:31:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000", 0x16, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x6000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1175.612067] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1175.613139] FAT-fs (loop3): Filesystem has been set read-only 19:31:32 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r3) [ 1175.617768] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000000f) [ 1175.618697] FAT-fs (loop2): Filesystem has been set read-only 19:31:32 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1175.657167] loop6: detected capacity change from 0 to 24 19:31:32 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000000)=""/208) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) get_mempolicy(&(0x7f0000000100), &(0x7f0000000140), 0x4, &(0x7f0000ffc000/0x1000)=nil, 0x1) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x4000)=nil, 0x0) shmctl$IPC_RMID(0x0, 0x0) 19:31:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1175.683871] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:31:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00000000", 0x10, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1175.764591] loop4: detected capacity change from 0 to 96 [ 1175.770672] FAT-fs (loop4): bogus number of reserved sectors [ 1175.771107] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1175.785761] loop3: detected capacity change from 0 to 96 19:31:43 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:43 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:43 executing program 7: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x0) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2, 0xffffffffffffffff}, 0x0, 0x0, 0x1, 0x7, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mincore(&(0x7f0000ff8000/0x8000)=nil, 0x8000, &(0x7f0000000000)=""/220) 19:31:43 executing program 5: r0 = fsmount(0xffffffffffffffff, 0x0, 0x70) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000001240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="0900000006e5c100554729a30338560000002e2f66696c653100"]) r1 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8000}, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r2 = epoll_create(0x80000000) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000140)) dup2(r1, r2) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) r6 = openat(r5, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r6, 0x5) readv(r6, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc0189379, &(0x7f00000011c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r3, @ANYBLOB="00000000000000002e2f66a002653100"]) syz_io_uring_setup(0x76df, &(0x7f0000001140)={0x0, 0x72a6, 0x0, 0x2, 0x1c8, 0x0, r7}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 19:31:43 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x7000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:31:43 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:43 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1187.157049] loop4: detected capacity change from 0 to 96 [ 1187.160993] loop3: detected capacity change from 0 to 96 [ 1187.163356] loop2: detected capacity change from 0 to 96 [ 1187.172258] FAT-fs (loop4): bogus number of reserved sectors [ 1187.172631] FAT-fs (loop4): Can't find a valid FAT filesystem 19:31:43 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000", 0x16, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1187.184380] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1187.184926] FAT-fs (loop3): Filesystem has been set read-only [ 1187.185605] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000000f) [ 1187.186322] FAT-fs (loop2): Filesystem has been set read-only [ 1187.206209] loop6: detected capacity change from 0 to 24 [ 1187.213565] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:31:43 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:43 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:43 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:43 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_LOCK(r0, 0xb) shmget$private(0x0, 0x3000, 0x40, &(0x7f0000ffc000/0x3000)=nil) shmat(r0, &(0x7f0000ffb000/0x1000)=nil, 0x3000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x1000) r1 = shmget$private(0x0, 0x4000, 0x4, &(0x7f0000ffb000/0x4000)=nil) shmctl$SHM_STAT(r1, 0xd, &(0x7f0000000000)=""/80) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:31:43 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_STAT(r0, 0x2, &(0x7f0000000000)=""/131) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ffc000/0x4000)=nil) 19:31:43 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000", 0x16, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1187.301952] loop4: detected capacity change from 0 to 96 [ 1187.308807] loop3: detected capacity change from 0 to 96 19:31:43 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x9000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1187.313303] loop2: detected capacity change from 0 to 96 [ 1187.320925] FAT-fs (loop4): bogus number of reserved sectors [ 1187.321769] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1187.325994] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1187.326550] FAT-fs (loop3): Filesystem has been set read-only [ 1187.327220] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000000f) [ 1187.327699] FAT-fs (loop2): Filesystem has been set read-only [ 1187.338066] loop6: detected capacity change from 0 to 24 19:31:43 executing program 5: r0 = syz_io_uring_setup(0x7e41, &(0x7f0000000000), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) r3 = dup2(r0, r1) ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f0000000100)=0x1) r4 = pidfd_getfd(r2, r3, 0x0) r5 = syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000014c0), 0x1000000, &(0x7f0000001580)={[{@hide}, {@cruft}, {@uid}, {@check_strict}], [{@smackfsfloor={'smackfsfloor', 0x3d, '{.'}}]}) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000001640), r4) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r4, &(0x7f0000001700)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x24020043}, 0xc, &(0x7f00000016c0)={&(0x7f0000001680)={0x40, r6, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x46}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffffffc1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x200}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004080}, 0x200000c4) epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r5, &(0x7f00000015c0)={0x20000000}) [ 1187.368532] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:31:55 executing program 5: r0 = syz_io_uring_setup(0x6513, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:31:55 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:55 executing program 7: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:31:55 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041", 0x21, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:55 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:55 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000040)={0x1e9, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) dup2(r0, r1) fcntl$setflags(r4, 0x2, 0x1) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/psmouse', 0x600, 0x100) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r5, 0x8010671f, &(0x7f00000004c0)={&(0x7f0000000400)=""/155, 0x9b}) [ 1199.261389] loop6: detected capacity change from 0 to 24 19:31:55 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:55 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xa000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1199.276902] loop4: detected capacity change from 0 to 96 [ 1199.293630] loop3: detected capacity change from 0 to 96 19:31:55 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041", 0x21, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1199.308198] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1199.308750] FAT-fs (loop3): Filesystem has been set read-only [ 1199.311856] FAT-fs (loop4): bogus number of reserved sectors [ 1199.312771] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1199.330956] loop2: detected capacity change from 0 to 96 [ 1199.338971] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:31:55 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffff", 0x8, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1199.357800] loop6: detected capacity change from 0 to 24 19:31:55 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000040)={0x1e9, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) dup2(r0, r1) fcntl$setflags(r4, 0x2, 0x1) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/psmouse', 0x600, 0x100) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r5, 0x8010671f, &(0x7f00000004c0)={&(0x7f0000000400)=""/155, 0x9b}) [ 1199.360608] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1199.361798] FAT-fs (loop2): Filesystem has been set read-only 19:31:55 executing program 5: r0 = syz_io_uring_setup(0xbf6, &(0x7f0000001140), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r5, 0x5) readv(r5, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000000)=ANY=[@ANYBLOB="01ce8a173800000018000000", @ANYRES32=r0, @ANYBLOB="00100000000000002e2f66696c653000"]) r7 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0) r8 = fsmount(r7, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r9, 0x5) readv(r9, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ppoll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x2000}, {0xffffffffffffffff, 0x401}, {r5, 0x400}, {r6, 0xc0}, {r9, 0x5004}], 0x5, &(0x7f0000000080), &(0x7f00000000c0)={[0xd415]}, 0x8) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) [ 1199.407490] loop3: detected capacity change from 0 to 96 19:31:55 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041", 0x21, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:55 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:55 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:31:55 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:31:55 executing program 7: r0 = shmget$private(0x0, 0x2000, 0x80, &(0x7f0000ffb000/0x2000)=nil) shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1199.462821] loop4: detected capacity change from 0 to 96 [ 1199.475496] loop6: detected capacity change from 0 to 24 [ 1199.490107] FAT-fs (loop4): bogus number of reserved sectors [ 1199.492234] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1199.534385] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1199.553333] loop2: detected capacity change from 0 to 96 [ 1199.566195] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1199.566861] FAT-fs (loop2): Filesystem has been set read-only 19:32:07 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:07 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:07 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2, @out_args}, './file0\x00'}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:32:07 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x52b5, &(0x7f0000000000)={0x0, 0x648e, 0x0, 0x1, 0x120}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:32:07 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000040)={0x1e9, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) dup2(r0, r1) fcntl$setflags(r4, 0x2, 0x1) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/psmouse', 0x600, 0x100) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r5, 0x8010671f, &(0x7f00000004c0)={&(0x7f0000000400)=""/155, 0x9b}) 19:32:07 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00", 0x27, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x22080000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:32:07 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1211.180160] loop2: detected capacity change from 0 to 96 [ 1211.194587] loop4: detected capacity change from 0 to 96 [ 1211.201201] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1211.201692] FAT-fs (loop2): Filesystem has been set read-only [ 1211.204367] FAT-fs (loop4): bogus number of reserved sectors [ 1211.204742] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1211.208776] loop3: detected capacity change from 0 to 96 19:32:07 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1211.233677] loop6: detected capacity change from 0 to 24 19:32:07 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1211.257328] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1211.258626] FAT-fs (loop3): Filesystem has been set read-only [ 1211.270857] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1211.283894] loop2: detected capacity change from 0 to 96 [ 1211.293082] FAT-fs (loop2): bogus number of reserved sectors [ 1211.293610] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1211.298286] loop4: detected capacity change from 0 to 96 [ 1211.301074] FAT-fs (loop4): bogus number of reserved sectors [ 1211.301561] FAT-fs (loop4): Can't find a valid FAT filesystem 19:32:07 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00", 0x27, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:07 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1211.383958] loop6: detected capacity change from 0 to 24 19:32:19 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00", 0x27, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:19 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) 19:32:19 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:19 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000040)={0x1e9, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) dup2(r0, r1) fcntl$setflags(r4, 0x2, 0x1) openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/psmouse', 0x600, 0x100) 19:32:19 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) r3 = dup2(r0, r1) waitid$P_PIDFD(0x3, r3, &(0x7f0000000000), 0x2, &(0x7f0000000080)) 19:32:19 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:19 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000", 0x20}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x29010000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1222.990861] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1223.010461] loop6: detected capacity change from 0 to 24 19:32:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x48000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1223.023100] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:32:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x4c000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1223.052948] loop3: detected capacity change from 0 to 96 [ 1223.073055] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1223.073592] FAT-fs (loop3): Filesystem has been set read-only [ 1223.076514] loop2: detected capacity change from 0 to 96 [ 1223.079319] loop4: detected capacity change from 0 to 96 19:32:19 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030", 0x2a, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1223.090910] FAT-fs (loop2): bogus number of reserved sectors [ 1223.091819] FAT-fs (loop2): Can't find a valid FAT filesystem 19:32:19 executing program 7: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="30032cbd7000fbdbdf257000000008000300", @ANYRES32=0x0, @ANYRES16=r0], 0x58}, 0x1, 0x0, 0x0, 0x20008840}, 0x40) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, &(0x7f0000000140)=0x7d58, 0x9, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mlock2(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0) shmctl$IPC_RMID(0x0, 0x0) [ 1223.119951] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:32:19 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100), 0x0, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1223.141277] loop6: detected capacity change from 0 to 24 19:32:19 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x10}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:32:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x68000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1223.182410] loop3: detected capacity change from 0 to 96 19:32:19 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000040)={0x1e9, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) dup2(r0, r1) fcntl$setflags(r4, 0x2, 0x1) [ 1223.197981] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1223.198506] FAT-fs (loop3): Filesystem has been set read-only 19:32:19 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:19 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:19 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmget$private(0x0, 0x4000, 0x1, &(0x7f0000ffc000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x2ab, 0x3) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc001, &(0x7f0000000000)=0x21, 0x100000000, 0x4) [ 1223.214762] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1223.309534] loop2: detected capacity change from 0 to 96 [ 1223.311585] loop4: detected capacity change from 0 to 96 [ 1223.319937] FAT-fs (loop2): bogus number of reserved sectors [ 1223.320455] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1223.336437] FAT-fs (loop4): bogus number of reserved sectors [ 1223.337298] FAT-fs (loop4): Can't find a valid FAT filesystem 19:32:31 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:31 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1235.430143] loop4: detected capacity change from 0 to 96 19:32:31 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000040)={0x1e9, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) dup2(r0, r1) 19:32:31 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mremap(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x3000, 0x7, &(0x7f0000ff9000/0x3000)=nil) shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000000)=""/96) 19:32:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x6c000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:32:31 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030", 0x2a, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:31 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x20000001) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x80000000}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x300, 0x0) epoll_pwait(r1, &(0x7f0000000100)=[{}, {}, {}, {}], 0x4, 0x1, &(0x7f00000002c0)={[0x20]}, 0x8) io_uring_setup(0x5030, &(0x7f0000000040)={0x0, 0x400655f, 0x1, 0x3c26, 0x242, 0x0, r2}) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000140)) dup2(r0, r1) 19:32:31 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1235.442164] loop2: detected capacity change from 0 to 96 [ 1235.450609] loop3: detected capacity change from 0 to 96 [ 1235.452612] FAT-fs (loop4): bogus number of reserved sectors [ 1235.453153] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1235.456370] FAT-fs (loop2): bogus number of reserved sectors [ 1235.456787] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1235.464453] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1235.464988] FAT-fs (loop3): Filesystem has been set read-only [ 1235.480197] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:32:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1235.511736] loop6: detected capacity change from 0 to 24 19:32:32 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x74000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1235.556409] loop4: detected capacity change from 0 to 96 [ 1235.562709] FAT-fs (loop4): bogus number of reserved sectors [ 1235.563271] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1235.570443] loop2: detected capacity change from 0 to 96 [ 1235.575975] loop3: detected capacity change from 0 to 96 [ 1235.576683] FAT-fs (loop2): bogus number of reserved sectors [ 1235.577117] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1235.592926] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1235.593484] FAT-fs (loop3): Filesystem has been set read-only 19:32:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:32 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000040)={0x1e9, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) 19:32:32 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f0000000000), &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, &(0x7f0000000080)={r3, r1, 0x7}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) r5 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) fsmount(r5, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) dup2(r0, r1) 19:32:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030", 0x2a, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1235.667607] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1235.712330] loop6: detected capacity change from 0 to 24 19:32:43 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:43 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) epoll_create(0x80000000) 19:32:43 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c0065003000", 0x2b, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:43 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:43 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:43 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0x0, 0x0) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x5d0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ff8000/0x4000)=nil) 19:32:43 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x7a000000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1247.412834] loop6: detected capacity change from 0 to 24 19:32:43 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000080)={0x40000001}) r5 = dup(r1) r6 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000040)={0x1}) [ 1247.453298] loop3: detected capacity change from 0 to 96 19:32:43 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c0065003000", 0x2b, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1247.462962] loop4: detected capacity change from 0 to 96 [ 1247.469214] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1247.469934] FAT-fs (loop3): Filesystem has been set read-only [ 1247.474125] FAT-fs (loop4): bogus number of FAT structure [ 1247.474619] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1247.492161] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1247.494460] loop2: detected capacity change from 0 to 96 19:32:44 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000140)) [ 1247.507807] FAT-fs (loop2): bogus number of reserved sectors [ 1247.508671] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1247.517954] loop6: detected capacity change from 0 to 24 19:32:44 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:44 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:44 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/156, 0x9c, 0x1, &(0x7f00000000c0)=""/57, 0x39}, &(0x7f0000000140)=0x40) 19:32:44 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c0065003000", 0x2b, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1247.597638] loop3: detected capacity change from 0 to 96 19:32:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x9effffff, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1247.622077] loop6: detected capacity change from 0 to 24 [ 1247.655888] loop4: detected capacity change from 0 to 96 [ 1247.664087] FAT-fs (loop4): bogus number of FAT structure [ 1247.664928] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1247.673653] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:32:55 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) 19:32:55 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf0ffffff, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:32:55 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f80100", 0x18}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:55 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:55 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:55 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) r6 = openat(r5, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r6, 0x5) readv(r6, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, r6, 0x10000000) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r7 = fsmount(r3, 0x0, 0x0) r8 = openat(r7, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r8, 0x5) readv(r8, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r8) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:32:55 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:55 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1258.820134] loop3: detected capacity change from 0 to 96 [ 1258.828514] FAT-fs (loop6): bogus number of reserved sectors [ 1258.829055] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1258.842894] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1258.843596] FAT-fs (loop3): Filesystem has been set read-only [ 1258.860836] loop2: detected capacity change from 0 to 96 [ 1258.864529] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:32:55 executing program 7: r0 = shmget(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) shmat(r0, &(0x7f0000ff6000/0xa000)=nil, 0xe441bbcb3a8c4757) shmget(0x3, 0x3000, 0x80, &(0x7f0000ffa000/0x3000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000040)=0x101, 0x1000, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000000)=0xfff, 0x8, 0x0) [ 1258.868356] loop4: detected capacity change from 0 to 96 19:32:55 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x4}) [ 1258.878467] FAT-fs (loop2): bogus number of reserved sectors [ 1258.879262] FAT-fs (loop2): Can't find a valid FAT filesystem 19:32:55 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:55 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:55 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xffffe000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1258.944177] FAT-fs (loop6): bogus number of reserved sectors [ 1258.944599] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1258.949158] loop3: detected capacity change from 0 to 96 [ 1258.963660] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1258.964350] FAT-fs (loop3): Filesystem has been set read-only 19:32:55 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:32:55 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1259.008718] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1259.052929] loop2: detected capacity change from 0 to 96 [ 1259.059302] FAT-fs (loop2): bogus number of reserved sectors [ 1259.059715] loop4: detected capacity change from 0 to 96 [ 1259.059784] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1259.062785] FAT-fs (loop4): bogus number of FAT structure [ 1259.063577] FAT-fs (loop4): Can't find a valid FAT filesystem 19:33:07 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:07 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:07 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xfffff000, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:33:07 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x8020000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)) dup2(r0, r1) 19:33:07 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00", 0x4, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:07 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) epoll_create(0x4) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) openat(r2, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) 19:33:07 executing program 7: shmget$private(0x0, 0x3000, 0x1000, &(0x7f0000ffd000/0x3000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f00007ff000/0x800000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, &(0x7f0000000000)=0x9, 0x6, 0x6) [ 1270.995688] loop3: detected capacity change from 0 to 96 [ 1270.995928] loop2: detected capacity change from 0 to 96 [ 1270.998251] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1271.004680] loop4: detected capacity change from 0 to 96 [ 1271.005993] FAT-fs (loop2): bogus number of reserved sectors [ 1271.007079] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1271.008825] FAT-fs (loop6): bogus number of reserved sectors [ 1271.009314] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1271.018917] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1271.019435] FAT-fs (loop3): Filesystem has been set read-only [ 1271.027869] FAT-fs (loop4): bogus number of FAT structure [ 1271.028870] FAT-fs (loop4): Can't find a valid FAT filesystem 19:33:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xffffff7f, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:33:07 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:07 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:07 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)) r2 = epoll_create(0x4) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) io_submit(r4, 0x1, &(0x7f0000001a00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0}]) io_getevents(r4, 0x0, 0x4000000, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000001140)=ANY=[@ANYBLOB="010000000100000100000000cc7fe14548c34a2b037eec0eae038dc351", @ANYRES32=r0, @ANYBLOB="04000000000000002e2f66696c653100"]) r6 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) r7 = fsmount(r6, 0x0, 0x0) r8 = openat(r7, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r8, 0x5) readv(r8, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r9 = socket$nl_sock_diag(0x10, 0x3, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x9, &(0x7f00000002c0)=[r0, r5, r3, r8, r9, r2], 0x6, 0x0, 0x1}, 0x5) r10 = dup(r0) io_submit(r4, 0x1, &(0x7f0000000080)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x7e0, r2, &(0x7f0000000000)="6cd532ea7a364c0aadd8f3fc54e5058586a40ea704fa579474b1ab111fd7", 0x1e, 0x1, 0x0, 0x0, r10}]) r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r11, &(0x7f0000000140)) dup2(r0, r2) 19:33:07 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) epoll_create(0x4) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsmount(r1, 0x0, 0x0) 19:33:07 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000", 0x20}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1271.110295] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1271.112867] loop3: detected capacity change from 0 to 96 19:33:07 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1271.121240] loop6: detected capacity change from 0 to 24 [ 1271.126540] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000000f) [ 1271.127156] FAT-fs (loop3): Filesystem has been set read-only 19:33:07 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmctl$IPC_RMID(0x0, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1271.151094] FAT-fs (loop6): bogus number of reserved sectors [ 1271.152438] FAT-fs (loop6): Can't find a valid FAT filesystem 19:33:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xffffff9e, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:33:07 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1271.219627] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1271.223952] loop4: detected capacity change from 0 to 96 [ 1271.226538] loop2: detected capacity change from 0 to 96 [ 1271.239119] loop3: detected capacity change from 0 to 96 [ 1271.240415] FAT-fs (loop4): bogus number of FAT structure [ 1271.241207] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1271.260020] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000000f) [ 1271.260617] FAT-fs (loop3): Filesystem has been set read-only 19:33:20 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) r5 = syz_open_dev$mouse(&(0x7f0000000000), 0x3, 0x8000) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000040)={0x10000004}) dup2(r0, r1) 19:33:20 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:20 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:20 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mincore(&(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/18) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x7) 19:33:20 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:20 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) epoll_create(0x4) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) 19:33:20 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0", 0x5, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xfffffff0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1284.127179] loop2: detected capacity change from 0 to 96 [ 1284.143715] loop4: detected capacity change from 0 to 96 [ 1284.145546] loop6: detected capacity change from 0 to 24 [ 1284.146279] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1284.153478] loop3: detected capacity change from 0 to 96 [ 1284.156069] FAT-fs (loop2): bogus number of reserved sectors [ 1284.156801] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1284.162435] FAT-fs (loop6): bogus number of reserved sectors [ 1284.163350] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1284.165815] FAT-fs (loop4): invalid media value (0x00) [ 1284.166630] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1284.189280] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000000f) [ 1284.190243] FAT-fs (loop3): Filesystem has been set read-only 19:33:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xffffffff, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:33:20 executing program 7: shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x4000) r0 = shmget(0x0, 0x4000, 0x54000200, &(0x7f0000ffc000/0x4000)=nil) shmget(0x2, 0x2000, 0x10, &(0x7f0000ffb000/0x2000)=nil) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x0, 0x3f, 0x3) 19:33:20 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x40000}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000800000/0x800000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r2, 0x942e, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000140)) dup2(r0, r1) [ 1284.223902] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:33:20 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:20 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) epoll_create(0x4) fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:33:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:33:20 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:20 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:20 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1284.312902] loop6: detected capacity change from 0 to 24 [ 1284.331082] FAT-fs (loop6): bogus number of reserved sectors [ 1284.331961] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1284.336790] loop3: detected capacity change from 0 to 96 [ 1284.346612] loop4: detected capacity change from 0 to 96 [ 1284.347941] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1284.348467] FAT-fs (loop3): Filesystem has been set read-only [ 1284.349107] FAT-fs (loop4): invalid media value (0x00) [ 1284.349437] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1284.352904] loop2: detected capacity change from 0 to 96 [ 1284.367064] FAT-fs (loop2): bogus number of reserved sectors [ 1284.367857] FAT-fs (loop2): Can't find a valid FAT filesystem 19:33:35 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:35 executing program 7: r0 = shmget$private(0x0, 0x1000, 0x10, &(0x7f0000ffa000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x1000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:33:35 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:35 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) epoll_create(0x4) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:33:35 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:35 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1298.755138] loop4: detected capacity change from 0 to 96 [ 1298.757220] loop2: detected capacity change from 0 to 96 19:33:35 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="0f000000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:33:35 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)=0x0) r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000008, 0x10, r0, 0x8000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1, {0x0, r3}}, 0xff) syz_io_uring_submit(r2, r1, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x0, 0x2007, @fd=r0, 0x1, &(0x7f0000000040)="bbb4a8f05f3e4dde16be", 0xa, 0x8, 0x0, {0x0, r3}}, 0x800) r4 = epoll_create(0x4) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000000c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd_index=0x6, 0x74a2, 0x0, 0x7, 0x2, 0x1, {0x0, r5}}, 0x1f) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000140)) r7 = dup2(r0, r4) close(r7) [ 1298.762365] FAT-fs (loop2): bogus number of reserved sectors [ 1298.763204] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1298.764237] FAT-fs (loop4): invalid media value (0x00) [ 1298.764919] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1298.791563] loop3: detected capacity change from 0 to 96 [ 1298.798689] loop6: detected capacity change from 0 to 24 [ 1298.810553] FAT-fs (loop6): bogus number of reserved sectors [ 1298.811541] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1298.822375] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1298.823440] FAT-fs (loop3): Filesystem has been set read-only 19:33:35 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:35 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:35 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:35 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x8, 0x0, 0x0, 0x9, &(0x7f0000000000)={0x77359400}, 0x1, 0x1}, 0x8) r3 = epoll_create(0x4) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/locks\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000140)) dup2(r0, r3) 19:33:35 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:33:35 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:35 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmget$private(0x0, 0x3000, 0xe500151a7af4e8a7, &(0x7f0000ffd000/0x3000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1298.955941] loop4: detected capacity change from 0 to 96 19:33:35 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1298.959863] loop2: detected capacity change from 0 to 96 [ 1298.960664] FAT-fs (loop4): bogus number of FAT sectors [ 1298.961379] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1298.976109] FAT-fs (loop2): bogus number of FAT structure [ 1298.976805] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1299.006983] loop6: detected capacity change from 0 to 24 [ 1299.016829] loop3: detected capacity change from 0 to 96 [ 1299.026172] FAT-fs (loop6): bogus number of reserved sectors [ 1299.026920] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1299.062468] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1299.063548] FAT-fs (loop3): Filesystem has been set read-only [ 1311.406962] loop3: detected capacity change from 0 to 96 [ 1311.411790] loop4: detected capacity change from 0 to 96 [ 1311.418129] loop2: detected capacity change from 0 to 96 [ 1311.428067] FAT-fs (loop2): bogus number of FAT structure [ 1311.428779] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1311.439538] FAT-fs (loop3): bogus number of reserved sectors [ 1311.439967] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1311.445443] FAT-fs (loop4): bogus number of FAT sectors [ 1311.446186] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1311.450235] loop6: detected capacity change from 0 to 24 [ 1311.452734] FAT-fs (loop6): bogus number of reserved sectors [ 1311.453248] FAT-fs (loop6): Can't find a valid FAT filesystem 19:33:47 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:47 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:47 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) 19:33:47 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x410000000800000, 0x0) r0 = shmget$private(0x0, 0x1000, 0x400, &(0x7f0000ffc000/0x1000)=nil) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(0xffffffffffffffff, 0x0, 0x0) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r3, 0x5) readv(r3, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r1, 0x0, 0x0) r5 = openat(r4, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r5, 0x5) readv(r5, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000004, 0x40010, r5, 0xa83d5000) write$P9_RLCREATE(r4, &(0x7f0000000080)={0x18, 0xf, 0x2, {{0x4, 0x3, 0x4}, 0x401}}, 0x18) shmat(r0, &(0x7f0000ffc000/0x3000)=nil, 0x2000) mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1) 19:33:47 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:47 executing program 0: io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:33:47 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="40010000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:33:48 executing program 0: io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:33:48 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="c00e0000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:33:48 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:48 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:48 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0xa3e9, 0x0, 0x3}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) openat(r2, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) r3 = open(&(0x7f0000000180)='./file0\x00', 0x8880, 0xc) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000340)={0x40000000}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/schedstat\x00', 0x0, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000000)='io.weight\x00', 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000040)={0x1000200a}) r6 = syz_open_dev$ptys(0xc, 0x3, 0x1) fstat(r6, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000140)) r7 = dup2(r0, 0xffffffffffffffff) perf_event_open(&(0x7f00000002c0)={0x4, 0x80, 0x7, 0xba, 0x20, 0x7, 0x0, 0x10001, 0x180, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x54, 0x0, @perf_config_ext={0xfffffffffffffff9, 0x2}, 0x41200, 0x81, 0x6, 0x1, 0x3e6, 0x1f, 0x6, 0x0, 0x1, 0x0, 0x7fffffff}, 0xffffffffffffffff, 0xb, r7, 0xc) [ 1311.539454] loop3: detected capacity change from 0 to 96 19:33:48 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:33:48 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1311.568046] FAT-fs (loop3): bogus number of reserved sectors [ 1311.568450] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1311.587565] loop6: detected capacity change from 0 to 24 [ 1311.593354] loop4: detected capacity change from 0 to 96 [ 1311.599502] FAT-fs (loop4): bogus number of FAT sectors [ 1311.599885] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1311.605553] FAT-fs (loop6): bogus number of reserved sectors [ 1311.606490] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1311.613870] loop2: detected capacity change from 0 to 96 [ 1311.625203] FAT-fs (loop2): bogus number of FAT structure [ 1311.625578] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1329.782258] loop2: detected capacity change from 0 to 96 19:34:06 executing program 0: io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:34:06 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f80100", 0x18}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:06 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:06 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f0000000000)={0x2, 0x6, @start={0x0, 0x1, "9b74e5f4b9856fcf8e9bcbda5ab4dfc9977c91c1de3fcd9fb06efd2f5caf98811bd4a600219754b0a2a7d57677105e27f9bc2dd64250c5bd4a60898642abdb74b1fed88f2fc6e37864ffca9ff0a340e4aec40f3db8bc657c9a667d2966c31bbf066c9cb66d6f579e3dee166bbe46c84bee7e61305d6613da243c02409b5fd08c8a2c78c6e1217a3f654cebe57eb142a286437e4276d251cf44fabee3375d114a642637d55121d618720161f1b62895544ac38b699dc6a3a262b21a97a82cf4347b9a2d2fe7ec65ae69938c109cef70b636ff53fce969aeab161c72cdd7efe62ea697985edad4e909d6a96c3b9383bb429e42729739c44cd2ae5ed65a2be9bba8aefcf529ab24770de9687b842ad7c4c89d251a95de8a36f6b41f1d7dec65967eb340024e46660c2ec1f200e0c853595b9d7f8f759fde37c7ec495b3d51db39ad162f947ae21a3e371d5e9ee457eb5437d871c6689431fef5a5eecd769443d8ad33aee386e723947aa87be27f00b1b054a9f2863e568ad49ae86434f147d53beb1c986c84b6cb6750dd0518f685030b7bffd5e72ef87f95866a9f2bc5561833c1dd318e775318e306c86307566175a007d314832b0480a3b0daab42a1c9e4fa58b65abda0237caa256d0942fd6c1ee7e2d1dae5ab8a8a0f6b1899f2d19cad497f2a1bca898a937ee8f459df02c9ff67641ccc58969260f17090106834f78db7ccfa05efaf304f2f47c3aa52226a93b50de02a3d9b316c38b5b36a658b41beb5c6458fd38e2240de0f0d433330827dfe171c63dd87e7f2e203b6690b96edb9121ebf8d555d71b9c5794cafaf9416eaad241c0b30360f25d050ba79977dc17fccf0acbd657fed03008c9170c8272a730c7029c470c2c6b5c345e9a6aa3e2f9833cb284ff2a7d6ab3b7642bedaab02a6fc35a7496faed57c88b1b1668c5aa16178bc79d86416f4dbf7f985353e1c6897fde186ec6e4733b9947e6d468d6d1a7c34a67470cbf09a5b1fe09ef11700e89130e8d7178b1b073757cf62704ade5c3daa710e49a1c7cd05c975b7047e7183df4fcfc2a85d415cdc63c3e2b33d1660da4acb8b54a2a9b869796371f2021f5c8ce10290866f8c75d4f191fade41fa4f5fc730a80e592488971aa2483f7b027ab274ecc5998bbcf7d1ecf42c80100a1f69aca5aeb4c1b75cd0fbb8ac22a49f1aa8fbb16032258f21bd8c74d7230adb7ed2925b201135db5a8732b9b835fec25586486915c653440a24fab4acaeeeb58dc1f1c0b12b13b728d2e48537e986729288f4d04bb8c492860e7327c09dfc2b873b5413643bc451c914b4a60f4f4be446f698502e4040f948f2d19de852abd25f404430906973566ac8343df94fc68d1fcad0dd99faaf217b6ff60845d3e35ed5237d4c81439c41e76e8735d47b66cfe267b8aa46f6789946638b3415e3c9d48ab6a02c01", "5940e22b27e90a9f8c00e21de00e7fa62a5c1a530fb393cb0456e5975c4e2792091ffa5f9b3ddbad193641990b8dbae4af9802333b3b1118afc4329e079023165076b9e04e0b82d90a86cdc972064b54184d408bc915569c2cd275f6b650e156de5105501e2a46746e34df73855dac6648933ce6241ec13f800a4c8ef8e9547585e83307f7dfdf71338cd80e238eb3faaa0bd69aee4380732ca5a7b45ea015354c4c87bfd7703212163460701f9472d37799646e20a7cd0c6313e6440e94bf2efc487f620eb17ad6466cb16df5012c390b2d0d1de3a48ef5265295f92d8ca285cdb7e638c6207fe505d2582496f0f271be7020389c61d508305a243282ab0d6c753e5d116954ff316b889826197098546aedbe5071b457241bc1a7568eabff1a014a3db94426b47b5d343fbcafe76a2ec960ee5dd0e51b37ebc3a850e2ac5587ea790db937baad94f7ff93f44764d180f2b33a9c948b22e3b45452581d14b004be91b1b27dcb35b2290ed4067c26dd562ad0e3ff2e602595d436648881df8234fd633685269f203cf1f4f6122784a54c4671dc5f8708eafedadf3186c2e4460fcba5c483bc93e39a1c275607e6843037f3d8c05fe3e14bb0e5a99080815470cd5aaa531ca31e6a2292ac7cfc0b61d9ca52f6fd2b11fc660797382d629909b8550bf0b245076917207e1a22e1b1f21e289340dea6d6c24c06215ae5bd605a42bc8572163088e7451cfec9aa5272c3a4555f46db456315275f72b0b928908cc6031c9e2bb89f374177eeec9f40513dcd7a89f852828c2885899fda80c0004b29519c5196c3d836b5fd9fa36dee465a469beb75ad229d008f374b982c944667162bc0d5de61869e2aaee4977232679dbadb60d8e5c06611973a090ea63055a3b8e676252f7e3c090e3ecb15cf70153bc432ccff9672c037b8d0002392fea34a9bf5c300522a6b0ae1f585a7a8a38d0e395e5d0c318e98132f0f6d921d0d58c7da0e88f829df892956b9e4c41c15de2ebab8609790773a645eea2ddf3a75e560d65eb286fef50bf06d99936f4650f14c046261e28aa18887dd43c525ce8182c7286a741a00b61608d5623b81ca0451d22eb955eae137d755f4a92fe50eb8e732f2a19edea8e9f6deeb6dcc231daf2abdc5d2312abc0e5c2d2d67c984e6ccccf3c39a326f3018a20c0d8a5cf7fe17b0f2bde7c1bd893224ae3fe557c3d5f09a53c7bbda488617779d31fac0e4be4504dfbb80187e255016dec346708bee01dd66b7bc259d922ae61a8df56e49ca5517bfd281476582ff635841f9017365b21d6bc3aeabdab9cd2c6dccafcf9318da6374ca8ea8fd9ce7b68dee964ad800c6b83d12f7f00ebfaf59cec6581e41989a33351e05de6cf85740afbf2af0494c9df56163b71c961cb6175ba150df24f262f98bad1dd08fe686fdf5ef4779c5f60835375ccf08"}, [0x9a, 0xc, 0x5, 0x401, 0x602, 0x9, 0x2, 0x0, 0x20000000, 0x0, 0x3ff, 0x5, 0x78a, 0x20, 0x2, 0x176, 0xffffffffffff0fcf, 0x861b, 0x4, 0x6, 0x3f, 0x5, 0x100, 0x4, 0x3ff, 0x2, 0xe40d, 0x2, 0x7fffffff, 0x9, 0x1ff000, 0x1, 0x7fffffff, 0x1, 0xfffffffffffffff8, 0x1, 0x3, 0x1, 0x2, 0xe000000000000, 0x8000, 0xefe, 0x7ff, 0x9, 0x6, 0x4, 0x5, 0x0, 0x40, 0x8, 0x5, 0x7, 0x7fff, 0x3, 0xffffffff, 0x6, 0x8, 0xa0b0, 0x8, 0x4, 0xffff, 0xfffffffffffff791, 0x4, 0x10001]}) ioctl$BTRFS_IOC_DEV_REPLACE(r0, 0xca289435, &(0x7f0000000a40)={0x3, 0x6, @start={r1, 0x1, "506de75fe7558f71dbc72d0fb0514eb0b0460632a0ac042d3b0fc4680d13fa23bdbbfd7aa5df4705aa9f83c8190bc9c7c828370c989d1303db5293f2b5bf1e3719db9932014613b0e590c22b5ff70124ce06babd5f28d12c5c104e0876feada4725ffc00d41fe1f6aa7174f3ffb665fc06412d3efdf9b80a8ad875014927ac5e1bbee8cf1a2e3e0f62ffb6404ee6761932198aad106d63fbad0e4e8da247effea671d7cd9c683f0a7080354bba7efb358d4c850a77232a6eba0a70df7e76354defe821c2296687c99be90dcc20bd9ad125225cba9be59ef40cc355b3cd180ce7cbc5d742decb96973eaa389d8b050bc959f21a52270eef3eb11c8e0b999b703feaf47fae5f8c4e991994bb656e4f2130fe0572995e0398c5ebbf5e8fc96a5d1ab2fc9fc8d2290fad34c06506e09469a605d7d5bd76ea77e3106486e0ae9cb1c24c7fe0191f6a60f8739fca074161410a9cb09b844e582124c6ec6bb23e8edc43d92d78ad6ca383aa196f29b8d3b4adb0baba133ba9fb219783949e13f0a361df095514f820d519fc414f60cd56fc5abb2a5bfc94b05be3b62f815222e57bb66622fdbbcbbd7f404024084567e383e45e61527e3cd44b8c9908c74ef1f1d3c6f65dec8dffaa0288b1cddd90511b51a3f258584b94db9b365d98c1aaffd4f0255e44136048d63010adde4124a3a05858cba22e9f91d70e8249a01b9907c82c797eecef9eb0d3972c12f903ad6ef60e8a92a96e0bee451968884d17ee1fe0fedba9598382525ae61704daefcd4cab67e985fc9377b343d24b03cd76ab1a3386fbf9c7cd51c6dc26b50e74250ed9d7288f9d0cc3829d5f931ead7e6ceb20bd55329278841082dadec9fdebf3fb1b038c3e8c8ae060185971d0bfb9ded737cbcdd86b6cb734b81bf101cc36075cb71fb96b2a074061ad9534d8f44fd442168d75337397c48dfedac40bc846f2acb11ae79f846dddbb1af48fab9d507311bb65912857be5d53525bb541360b7cbb4ea857cfcc388a2a8bf9620c128a43dfda79c8afbfb0412766c31aab985d4f02f8e64b095778cec070b6392cbebb2ccec7eb9057fe3d7afc3bf91718f3c9d6675486c36106ca71f916d3fd06e61d69e22ce42c5b7a7bcb303454cce204715be30fdd7bd001ccb63e1d38f9da24c82fa29b65b74fb54bd3d6567fda6a89ae0613361f3e4f54ebe21f78d4cb64672a0330a77548687a918b72e129ad2c374239d15970df863097eb1e6f8673a3b5bd4a83c58661a7f0892aa83242681e05801fe4b7cc3574de424275aba393d41130bde80b54d07cb7a9e85a8017f62c4b9419db8378ce80cf243349dc57fce9d2b4b2a4ea40f62a79b2e58a28be7739c40c7a2be46f1342e211d199fc4e7d4dc5caa990acf10936d8214c824b60125f4d61eb1035d6d384da1aadd5d7c1a6d0db19af71e8739cb12c54", "eff67a51c60093b24bcfefb851bbb6d18685b021bb17c759274dbabef25871a3195bafd3c4aebbfe7d881eb4d2c75f0cd08b2a7bc51c5ab7ff02d914142cff144e49a6b965edd243f3be82f1e4ea65ad6401230ba4470ddc6298bc3b448a92f31000dd5d6bd87227b5ffdb12e89d7ab7fb91367a4f3158b2574b89dfb3193e79559e787da48a972e2c70e6a48401ddec058d6cec7b2b39173ec72e3cab930851d158a149363e96c034e46d887b2b85b91436a4aab77f3a99d9aa61f85434b624ba21f9d5c5b0cea8777e83b45912fee3998e36f3a3e3b2f7b2477eae9a468ab4ee4f4983cd2761af655c343d1883f918803807ae22a3019daa09471c9ea8acb09ccc6e17cec6618bcf13201f09104e8e0e9a93cac4d7bbf9437326ad16a40e1287c8bbbb9e766570b0f619f3491de36a06266e3917a38835c72c47cff5f92d22267b2487cac7144003095a52e3d59cb54d7a0762e634b4bdd34abdbf6be1265ec47df5ede10c9b949fc39f87ad3da066f116e7fac74d045754117a56dd19d2cf84de95a8d53240362d284d5596f137767230c241ad4725fce57b2631785b575cc670171af28e6158568d1c191ecb0bdd1c36c0cc4d67e50c089d5eff14ed0dae67406ee6e489d8aa795fdaf8e373a43c975ed6b61f4875540a1f6f0cde0245414cb894b613879b7e2c2726c0f010f12d48c3607a40b532b57fe214dd267204110fad849bc8fd277a6c2ad96b4fe88403ac859e22c973b0a182f98cd30594380c05485fa045f0bc2b0c8556387eafa15c90d48e86652e225779e6cf3b40cc69437c6574cf2427d95f094b06617ccbd1eec9f6573d363cb088ddb535af867d538cacc7cccd627ae6008dc2020f7b22b2ade4759eb004a965c3e15a8291e01ee1bac2a0eaaba8834c82df72c54c1d3d25a25aaf5a5bc430ea4039063d6182960686bf19ea282e808a19bb686c0a1cdd09bb5eea7bbc61006ac4f113c960a4b1bf1bddfa942ba4bf8f9a0ce3af469c8ea508409dbbbd173d3b30f6023f8e1221ecf9da10dc7a41b677a1c5f0c3f40dbcee4acfb8a410e14c9fd9465b63d153f961c386ea0c96b8d7756699ed6a9008ab2c1847b3583c1b02970124cd232ea0050c3e24a55a64d3981b271f05aee5e60478d19b3c3c0284f7e86e738a34f07e086490abda585badc6dd88b4ad24e8bf3ae4ea7c8414967326c583695068a509287b6dbb370e250397c87f9cfed43fbfd50c6227409291a51e732a73b47018b3893439759f313c276a1916bafb4dccafc388e8e030da014e31b814ae2641ba464a604b1e7e362423d871ed49935820361e4b5301c77bd05de33d5d637828d8eb423cce3854d75dc8fd940a88909b769e4518b032c5f55b79a917e3ac86398d5f6f5e2ae7d64591f0577368584358d6804a985e2a9d5189c167b35d1ceb223b4f6518b4ba"}, [0x3c, 0x0, 0x1, 0x4, 0x6, 0x8, 0x1f, 0xfffffffffffffff8, 0x3, 0x6, 0x3, 0x800, 0x7, 0x4, 0x100000001, 0x2, 0x4, 0x5, 0x7, 0x9, 0x838c, 0x2, 0x3ff, 0x3, 0x401, 0xfff, 0x4, 0x1ff, 0xeaf7, 0xab31, 0x4, 0x3, 0x7, 0x6, 0xe97c, 0x7f, 0x9, 0xffff, 0x1000, 0x2, 0x7fc, 0x7ff, 0x7, 0x2, 0x8, 0xffff, 0x401, 0x9, 0xffffffffffff2f35, 0x81, 0x800, 0x6, 0x7, 0x4, 0x3ff, 0x268, 0x2, 0x7fff, 0xfffffffffffffffc, 0x401, 0x9, 0x165d, 0x800, 0x589]}) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000001480)={[0x4]}, 0x8, 0x100800) fcntl$getownex(r2, 0x10, &(0x7f00000014c0)) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) [ 1329.802976] loop6: detected capacity change from 0 to 24 write$binfmt_aout(r0, &(0x7f0000002040)=ANY=[@ANYBLOB="65000c7ff701000044030000f7ffffffd6020000010000000000000000000000f461509bc0052a52fd4c77be02b3aaedd238ae5e3afcbd6e567f907e3b2d2fd764bf75132c4621447a71b3d7d23f1e68df0b2c1dbfcf97dada1d982c19a12bd03137106654e233c8e140c8b6dcf9b8dad11ff3e4226247aae4e7ef62e280552659cb76936b322c148f27a5a7635e4b0dad796de9eb053171e4769b409ef86c4e067077a663000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000035c10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005d713a1557770f0f34ca9320168485bd296aa1454c647de15e9b3a6e3ebac52b30838bc7600a6e70e4e7459dda10dd2fb4e8d5bfe0424f981fe54fc708965dcb7e87d3a5e0757c2576dda2d255b1e3a843b7e8d45ad59fb62bdafe55fd3c938df73a7e31c5f1df8297e1c165a4d46ce511f3fc21a8c31850e3b4977a9c0b3d4809da898989c9b891384210a07bf687dd88c1bce5a567"], 0xaa5) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) fsmount(r3, 0x0, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r3, 0x942e, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:34:06 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:06 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="e03f0300", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:34:06 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:06 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) dup2(r0, r1) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x13, r3, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r4, 0x0, &(0x7f0000000000), 0x0, 0x4) syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x4, 0x0}, 0x0) syz_io_uring_submit(r4, r6, &(0x7f0000000040)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r0, 0x0, &(0x7f0000000000)='./file0\x00', 0x8, 0x40001, 0x23456}, 0x68) [ 1329.805617] FAT-fs (loop6): bogus number of reserved sectors [ 1329.806061] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1329.839546] loop3: detected capacity change from 0 to 96 19:34:06 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1329.849485] FAT-fs (loop3): bogus number of reserved sectors [ 1329.849880] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1329.850473] loop4: detected capacity change from 0 to 96 19:34:06 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1329.876190] loop2: detected capacity change from 0 to 96 [ 1329.883499] FAT-fs (loop2): bogus number of FAT structure [ 1329.883874] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1329.908668] loop6: detected capacity change from 0 to 24 [ 1329.912349] FAT-fs (loop6): bogus number of reserved sectors [ 1329.912745] FAT-fs (loop6): Can't find a valid FAT filesystem 19:34:06 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:06 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="effdffff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:34:06 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:06 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:06 executing program 0: r0 = syz_io_uring_setup(0x0, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:34:06 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget$private(0x0, 0x4000, 0x4, &(0x7f0000ffa000/0x4000)=nil) shmat(r1, &(0x7f0000ffc000/0x3000)=nil, 0x3000) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r2 = shmget(0x0, 0x2000, 0x200, &(0x7f0000ffa000/0x2000)=nil) shmctl$IPC_INFO(r2, 0x3, &(0x7f0000000040)) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000000000)=0xe3ba, 0x2, 0x7) [ 1329.986288] loop2: detected capacity change from 0 to 96 [ 1329.991182] loop3: detected capacity change from 0 to 96 [ 1329.994194] FAT-fs (loop2): bogus number of FAT structure [ 1329.994586] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1330.010219] FAT-fs (loop3): bogus number of reserved sectors [ 1330.010977] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1330.036133] loop4: detected capacity change from 0 to 96 [ 1330.041150] FAT-fs (loop4): bogus number of FAT sectors [ 1330.041533] FAT-fs (loop4): Can't find a valid FAT filesystem 19:34:18 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:18 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1341.805993] loop4: detected capacity change from 0 to 96 [ 1341.827841] FAT-fs (loop4): bogus number of FAT sectors [ 1341.828305] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1341.831328] loop3: detected capacity change from 0 to 96 [ 1341.847623] FAT-fs (loop3): bogus number of reserved sectors [ 1341.848083] FAT-fs (loop3): Can't find a valid FAT filesystem 19:34:18 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000", 0x20}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:18 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="00f0ffff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:34:18 executing program 5: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) r3 = dup2(r0, r1) r4 = fcntl$getown(r3, 0x9) r5 = clone3(&(0x7f00000001c0)={0x1a3363500, &(0x7f0000000180), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r6 = getpgid(r5) r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r7, &(0x7f0000000200)='E', 0x140000) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1f, 0x2, 0x4, 0x3, 0x0, 0x7, 0x40000, 0x6, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffa, 0x5, @perf_config_ext={0x8, 0x100000000}, 0x10, 0x744e47c4, 0x1, 0x17, 0x8001, 0x6, 0xe79, 0x0, 0x401, 0x0, 0x100000000}, r6, 0xc, r7, 0x8) r8 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2000006, 0x110, r0, 0x0) r9 = fsmount(r8, 0x0, 0x0) openat(r9, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) clone3(&(0x7f0000000480)={0xa002100, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), {0x12}, &(0x7f00000002c0)=""/187, 0xbb, &(0x7f0000000380)=""/207, &(0x7f00000000c0)=[r4, r6, 0x0, 0xffffffffffffffff], 0x4, {r9}}, 0x58) 19:34:18 executing program 0: r0 = syz_io_uring_setup(0x0, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:34:18 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:18 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0x0, 0x2) shmat(0xffffffffffffffff, &(0x7f0000ff9000/0x4000)=nil, 0xe000) [ 1341.864862] loop6: detected capacity change from 0 to 24 [ 1341.866410] loop2: detected capacity change from 0 to 96 19:34:18 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1341.878401] FAT-fs (loop2): bogus number of FAT structure [ 1341.879478] FAT-fs (loop2): Can't find a valid FAT filesystem 19:34:18 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r1 = shmget$private(0x0, 0x5000, 0x78000000, &(0x7f0000ffa000/0x5000)=nil) shmctl$IPC_INFO(r1, 0x3, &(0x7f0000000000)=""/94) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:34:18 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{0x0}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:18 executing program 0: r0 = syz_io_uring_setup(0x0, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1341.922260] loop4: detected capacity change from 0 to 96 [ 1341.926049] FAT-fs (loop4): bogus number of FAT sectors [ 1341.926424] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1341.942446] loop3: detected capacity change from 0 to 96 [ 1341.953076] FAT-fs (loop3): bogus number of reserved sectors [ 1341.953523] FAT-fs (loop3): Can't find a valid FAT filesystem 19:34:32 executing program 0: r0 = syz_io_uring_setup(0x650f, 0x0, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:34:32 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x3000, 0x20, &(0x7f0000ffd000/0x3000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmat(r0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:34:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1355.949781] loop6: detected capacity change from 0 to 24 19:34:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c020000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:34:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:32 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:32 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget$private(0x0, 0x4000, 0x4, &(0x7f0000ffa000/0x4000)=nil) shmat(r1, &(0x7f0000ffc000/0x3000)=nil, 0x3000) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r2 = shmget(0x0, 0x2000, 0x200, &(0x7f0000ffa000/0x2000)=nil) shmctl$IPC_INFO(r2, 0x3, &(0x7f0000000040)) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000000000)=0xe3ba, 0x2, 0x7) [ 1355.970126] loop3: detected capacity change from 0 to 96 [ 1355.973271] FAT-fs (loop6): bogus number of reserved sectors [ 1355.973665] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1355.975325] FAT-fs (loop3): bogus number of reserved sectors [ 1355.975743] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1355.996913] loop2: detected capacity change from 0 to 96 19:34:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c030000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1356.006458] FAT-fs (loop2): invalid media value (0x00) [ 1356.006859] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1356.013766] loop4: detected capacity change from 0 to 96 19:34:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:32 executing program 0: r0 = syz_io_uring_setup(0x650f, 0x0, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:34:32 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c040000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1356.079368] loop3: detected capacity change from 0 to 96 [ 1356.086146] FAT-fs (loop3): bogus number of reserved sectors [ 1356.086597] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1356.088105] loop6: detected capacity change from 0 to 24 [ 1356.093260] FAT-fs (loop6): bogus number of reserved sectors [ 1356.093693] FAT-fs (loop6): Can't find a valid FAT filesystem 19:34:32 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x3000, 0x78000000, &(0x7f0000ffc000/0x3000)=nil) shmat(r0, &(0x7f0000ffb000/0x1000)=nil, 0x1000) mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xffffffffffffff24, 0x0) 19:34:32 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x3000, 0x20, &(0x7f0000ffd000/0x3000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmat(r0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:34:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1356.177028] loop4: detected capacity change from 0 to 96 [ 1356.189995] loop2: detected capacity change from 0 to 96 [ 1356.192194] FAT-fs (loop2): invalid media value (0x00) [ 1356.192556] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1356.196201] loop3: detected capacity change from 0 to 96 [ 1356.205116] FAT-fs (loop3): bogus number of reserved sectors [ 1356.205434] loop6: detected capacity change from 0 to 24 [ 1356.205526] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1356.225089] FAT-fs (loop6): bogus number of reserved sectors [ 1356.225901] FAT-fs (loop6): Can't find a valid FAT filesystem 19:34:45 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c050000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:34:45 executing program 5: shmget$private(0x0, 0x3000, 0x1000, &(0x7f0000ffd000/0x3000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f00007ff000/0x800000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, &(0x7f0000000000)=0x9, 0x6, 0x6) 19:34:45 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000", 0x20}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:45 executing program 0: r0 = syz_io_uring_setup(0x650f, 0x0, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:34:45 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:45 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1368.510949] loop2: detected capacity change from 0 to 96 19:34:45 executing program 7: epoll_pwait2(0xffffffffffffffff, &(0x7f0000000000)=[{}], 0x1, &(0x7f0000000040)={0x77359400}, &(0x7f0000000080)={[0x3ff]}, 0x8) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x4000) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000) shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f00000000c0)=""/12) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x2000) mbind(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x2, 0x0, 0x7fc, 0x1) [ 1368.522763] loop6: detected capacity change from 0 to 24 [ 1368.535383] FAT-fs (loop2): invalid media value (0x00) [ 1368.535805] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1368.548961] loop3: detected capacity change from 0 to 96 [ 1368.550249] loop4: detected capacity change from 0 to 96 [ 1368.564704] FAT-fs (loop6): bogus number of FAT structure [ 1368.565580] FAT-fs (loop6): Can't find a valid FAT filesystem 19:34:45 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c060000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:34:45 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:34:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1368.620081] loop2: detected capacity change from 0 to 96 19:34:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\a\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:34:45 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0x0, 0x0) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x5d0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ff8000/0x4000)=nil) 19:34:45 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1368.655040] FAT-fs (loop2): bogus number of FAT sectors [ 1368.656811] FAT-fs (loop2): Can't find a valid FAT filesystem 19:34:45 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1368.719902] loop6: detected capacity change from 0 to 24 [ 1368.721304] loop3: detected capacity change from 0 to 96 [ 1368.724064] FAT-fs (loop6): bogus number of FAT structure [ 1368.724439] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1368.734043] FAT-fs (loop3): bogus number of reserved sectors [ 1368.734827] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1368.741555] loop4: detected capacity change from 0 to 96 19:34:59 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:34:59 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x3000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:35:00 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:00 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\b\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:35:00 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x52b5, &(0x7f0000000000)={0x0, 0x648e, 0x0, 0x1, 0x120}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:35:00 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:00 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:00 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1383.499143] loop4: detected capacity change from 0 to 96 [ 1383.504921] loop3: detected capacity change from 0 to 96 [ 1383.512467] FAT-fs (loop3): bogus number of reserved sectors [ 1383.513248] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1383.548471] loop2: detected capacity change from 0 to 96 [ 1383.552450] loop6: detected capacity change from 0 to 24 19:35:00 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mbind(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x4000, &(0x7f0000000080)=0x4, 0x365a, 0x4) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x0, 0x0, 0x3) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) mincore(&(0x7f0000ff8000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/90) [ 1383.562048] FAT-fs (loop2): bogus number of FAT sectors [ 1383.562684] FAT-fs (loop2): Can't find a valid FAT filesystem [ 1383.566118] FAT-fs (loop6): bogus number of FAT structure [ 1383.566819] FAT-fs (loop6): Can't find a valid FAT filesystem 19:35:00 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:00 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:00 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:35:00 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x52b5, &(0x7f0000000000)={0x0, 0x648e, 0x0, 0x1, 0x120}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:35:00 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:00 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\t\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:35:00 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f80100", 0x18}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1383.710057] loop3: detected capacity change from 0 to 96 [ 1383.714257] loop4: detected capacity change from 0 to 96 [ 1383.722584] FAT-fs (loop3): bogus number of reserved sectors [ 1383.723494] FAT-fs (loop3): Can't find a valid FAT filesystem 19:35:00 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mlock(&(0x7f0000ffa000/0x1000)=nil, 0x1000) [ 1383.764887] loop6: detected capacity change from 0 to 24 [ 1383.774098] loop2: detected capacity change from 0 to 96 [ 1383.791055] FAT-fs (loop2): bogus number of FAT sectors [ 1383.791692] FAT-fs (loop2): Can't find a valid FAT filesystem 19:35:00 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:35:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\n\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:35:11 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:11 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:35:11 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmget(0x1, 0x13000, 0x8, &(0x7f0000fed000/0x13000)=nil) mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x0, 0x7e, 0x3) shmget(0x2, 0x3000, 0x1000, &(0x7f0000ffd000/0x3000)=nil) [ 1395.080631] loop3: detected capacity change from 0 to 96 [ 1395.087469] loop4: detected capacity change from 0 to 96 19:35:11 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:11 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x52b5, &(0x7f0000000000)={0x0, 0x648e, 0x0, 0x1, 0x120}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:35:11 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:11 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) [ 1395.101431] loop6: detected capacity change from 0 to 24 [ 1395.103848] loop2: detected capacity change from 0 to 96 [ 1395.107299] FAT-fs (loop6): bogus number of FAT structure [ 1395.107694] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1395.107891] FAT-fs (loop3): bogus number of FAT structure [ 1395.108486] FAT-fs (loop3): Can't find a valid FAT filesystem 19:35:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0f0000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:35:11 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:35:11 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:35:11 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:11 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:11 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mmap$binder(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x800) 19:35:11 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:11 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x52b5, &(0x7f0000000000)={0x0, 0x648e, 0x0, 0x1, 0x120}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) [ 1395.219152] loop3: detected capacity change from 0 to 96 [ 1395.219471] loop6: detected capacity change from 0 to 24 [ 1395.227520] loop4: detected capacity change from 0 to 96 [ 1395.228296] FAT-fs (loop3): bogus number of FAT structure [ 1395.228714] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1395.231966] FAT-fs (loop6): bogus number of FAT structure [ 1395.232376] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1395.232429] loop2: detected capacity change from 0 to 96 [ 1395.234325] FAT-fs (loop2): bogus number of FAT sectors [ 1395.234740] FAT-fs (loop2): Can't find a valid FAT filesystem 19:35:24 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:24 executing program 0: syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:35:24 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:35:24 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmctl$SHM_STAT(r1, 0xd, &(0x7f0000000140)=""/233) syz_io_uring_setup(0x6418, &(0x7f0000000040)={0x0, 0xbb95, 0x10, 0x3, 0x179, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) 19:35:24 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:24 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:24 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x52b5, &(0x7f0000000000)={0x0, 0x648e, 0x0, 0x1, 0x120}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$IPC_RMID(r0, 0x0) 19:35:24 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3cf00000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:35:49 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:49 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b0008080100", 0x10}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:49 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:35:49 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x52b5, &(0x7f0000000000)={0x0, 0x648e, 0x0, 0x1, 0x120}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(0x0, 0x0) [ 1432.976453] loop2: detected capacity change from 0 to 96 [ 1432.999813] loop3: detected capacity change from 0 to 96 [ 1433.001391] loop6: detected capacity change from 0 to 24 [ 1433.010142] FAT-fs (loop6): bogus number of FAT sectors [ 1433.010891] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1433.011792] FAT-fs (loop3): bogus number of FAT structure [ 1433.012584] FAT-fs (loop3): Can't find a valid FAT filesystem 19:36:01 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, 0x0, 0x0) 19:36:01 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x3000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8000, 0x0, 0x7, 0x2) move_pages(0xffffffffffffffff, 0x3, &(0x7f0000000000)=[&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil], &(0x7f0000000040)=[0x1, 0x7, 0x1, 0x576191c1, 0xeae, 0xee, 0x2, 0x7, 0x5, 0x4], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) 19:36:01 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:01 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c290100", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:36:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:01 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:36:01 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1445.097047] loop2: detected capacity change from 0 to 96 [ 1445.103275] loop3: detected capacity change from 0 to 96 [ 1445.122871] loop6: detected capacity change from 0 to 24 [ 1445.134457] FAT-fs (loop3): invalid media value (0x00) [ 1445.135242] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1445.137188] FAT-fs (loop6): bogus number of FAT sectors [ 1445.137859] FAT-fs (loop6): Can't find a valid FAT filesystem 19:36:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000300", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:36:01 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:01 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2000000, 0x10, 0xffffffffffffffff, 0x7440d000) 19:36:01 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:36:01 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:01 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}], 0x1) 19:36:01 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1445.316471] loop6: detected capacity change from 0 to 24 [ 1445.321792] loop3: detected capacity change from 0 to 96 [ 1445.331931] FAT-fs (loop3): invalid media value (0x00) [ 1445.332736] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1445.354695] loop2: detected capacity change from 0 to 96 19:36:01 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffa000/0x1000)=nil, 0x1000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r0 = shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) 19:36:01 executing program 5: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:36:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000500", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:36:01 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}], 0x1) 19:36:01 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1445.495923] loop6: detected capacity change from 0 to 24 [ 1445.511281] FAT-fs (loop6): bogus number of FAT sectors [ 1445.511968] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1458.395717] loop2: detected capacity change from 0 to 96 19:36:14 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b000808010002400040", 0x14}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:14 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000600", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:36:14 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:14 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0x60, 0x1) 19:36:14 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 19:36:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:14 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:36:14 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}], 0x1) [ 1458.405669] loop3: detected capacity change from 0 to 96 [ 1458.413146] FAT-fs (loop3): invalid media value (0x00) [ 1458.413527] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1458.440674] loop6: detected capacity change from 0 to 24 19:36:14 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\a\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1458.457224] FAT-fs (loop6): bogus number of FAT sectors [ 1458.457962] FAT-fs (loop6): Can't find a valid FAT filesystem 19:36:15 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:15 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(r0, 0x0) [ 1458.487632] loop3: detected capacity change from 0 to 96 [ 1458.492431] FAT-fs (loop3): bogus number of FAT sectors [ 1458.492805] FAT-fs (loop3): Can't find a valid FAT filesystem 19:36:28 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:36:28 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x4000) 19:36:28 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:28 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {0x0}], 0x2) 19:36:28 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:36:28 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ffd000/0x1000)=nil, 0x4000) 19:36:28 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:28 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\"\b\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1471.618588] loop3: detected capacity change from 0 to 96 [ 1471.628739] loop2: detected capacity change from 0 to 96 [ 1471.629984] FAT-fs (loop3): bogus number of FAT sectors [ 1471.630616] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1471.646908] loop6: detected capacity change from 0 to 24 [ 1471.658947] FAT-fs (loop6): bogus number of FAT sectors [ 1471.659575] FAT-fs (loop6): Can't find a valid FAT filesystem 19:36:28 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) 19:36:28 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\t\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:36:28 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$IPC_RMID(0x0, 0x0) mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000) mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x2397, 0x5) 19:36:28 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:36:28 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {0x0}], 0x2) 19:36:28 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$IPC_RMID(r0, 0x0) 19:36:28 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:28 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:28 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x0) shmctl$SHM_LOCK(r1, 0xb) 19:36:28 executing program 7: shmat(0x0, &(0x7f0000ffb000/0x3000)=nil, 0x7000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 1471.792781] loop2: detected capacity change from 0 to 96 [ 1471.803222] loop3: detected capacity change from 0 to 96 [ 1471.805395] FAT-fs (loop3): bogus number of FAT sectors [ 1471.805786] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1471.810766] loop6: detected capacity change from 0 to 24 19:36:39 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmctl$SHM_LOCK(r1, 0xb) 19:36:39 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\n\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:36:39 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:36:39 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(0x0, 0x0) 19:36:39 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {0x0}], 0x2) 19:36:39 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x204800, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0xd9448000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(r1, 0x5441, 0x36d) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) mmap$perf(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000001, 0x10010, r3, 0x0) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 19:36:39 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1483.010977] loop6: detected capacity change from 0 to 24 [ 1483.043083] loop2: detected capacity change from 0 to 96 [ 1483.050131] loop3: detected capacity change from 0 to 96 19:36:39 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(0x0, 0x0) 19:36:39 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) 19:36:39 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000f00", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1483.179059] loop6: detected capacity change from 0 to 24 19:36:50 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) 19:36:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\b\"\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:36:50 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100) 19:36:50 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)=""/108, 0x6c}], 0x1) 19:36:50 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffa000/0x1000)=nil, 0x1000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r0 = shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) 19:36:50 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:50 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(0x0, 0x0) 19:36:50 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1494.417797] loop2: detected capacity change from 0 to 96 [ 1494.433258] loop6: detected capacity change from 0 to 24 19:36:50 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1494.446477] loop3: detected capacity change from 0 to 96 [ 1494.452568] FAT-fs (loop3): bogus number of FAT sectors [ 1494.452936] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1494.464070] loop5: detected capacity change from 0 to 96 19:36:51 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) [ 1494.481902] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1494.482629] FAT-fs (loop5): Filesystem has been set read-only 19:36:51 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c012900", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:36:51 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) 19:36:51 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:36:51 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1494.548864] loop2: detected capacity change from 0 to 96 [ 1494.553830] loop6: detected capacity change from 0 to 24 19:36:51 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffa000/0x1000)=nil, 0x1000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r0 = shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) 19:36:51 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)=""/108, 0x6c}], 0x1) 19:36:51 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1494.599573] loop5: detected capacity change from 0 to 96 [ 1494.626275] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1494.626804] FAT-fs (loop5): Filesystem has been set read-only [ 1494.637473] loop3: detected capacity change from 0 to 96 [ 1494.640457] FAT-fs (loop3): bogus number of FAT sectors [ 1494.640840] FAT-fs (loop3): Can't find a valid FAT filesystem 19:37:02 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffa000/0x1000)=nil, 0x1000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r0 = shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) 19:37:02 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:37:02 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f8", 0x16}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:37:02 executing program 2: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000000040)="461546eaa32b6fff972cf0f16cf9a03cedd86e51f96b9935c8f2a21754fb9e0a97f432af1e29c1f2116d094ffbabf543dd2ff51c6b794023194a3e671304c6706c1e1da6dbdb9b518e73203be5", 0x4d, r1}, 0x68) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x100, 0x0, 0x2) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$IPC_RMID(r2, 0x0) 19:37:02 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1506.014456] loop6: detected capacity change from 0 to 24 19:37:02 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1506.021802] loop5: detected capacity change from 0 to 96 19:37:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00H\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:02 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)=""/108, 0x6c}], 0x1) [ 1506.052279] loop3: detected capacity change from 0 to 96 19:37:02 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r7 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r7, 0x5000943f, &(0x7f0000000500)={{}, r8, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) r10 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001680)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_BALANCE_V2(r10, 0xc4009420, &(0x7f0000000900)={0x4, 0x4, {0x8000000000000, @usage=0x400, 0x0, 0xf5, 0x80d, 0x4, 0x855, 0x7f, 0x20, @struct={0xc421, 0x9}, 0x6, 0xff, [0x8, 0x4, 0x4, 0x809, 0xe70d, 0x7e10c57]}, {0x8, @struct={0x1f, 0x8}, 0x0, 0x401, 0x9, 0x4, 0xe24000000, 0x8, 0x411, @struct={0x6, 0x2}, 0xd89, 0x1, [0x0, 0x4, 0x8, 0x1f, 0x3, 0x81]}, {0x7, @usage=0x80000000, r11, 0x8, 0x3, 0x7ff, 0x7fff, 0xffffffffffffff44, 0x8, @struct={0x1, 0x80000001}, 0x3, 0x40, [0xac9c, 0x4, 0xfffffffffffffffc, 0xffff, 0xfffffffffffff001, 0x9]}, {0x10000, 0x6, 0x1}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000140)={{r6}, r8, 0x0, @inherit={0x50, &(0x7f00000015c0)=ANY=[@ANYBLOB="010000000000000001000000000000000100010000000000090000000000000012000000000000000900000000000000010000000000d21a3ebf097476480000070000000000000007000000000000000100000000000000", @ANYBLOB="586292c4d715b7767b8b246cebbc94016b8830195ae443585a16f6b12dbd3d1540e6b5b5b9a9c169dcd501b276c2ee1475664fbb6336cc7bfb53b826", @ANYRES32=r9]}, @devid=r11}) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000280)={{r4}, 0x0, 0x10, @inherit={0x50, &(0x7f0000000040)={0x0, 0x1, 0xfff, 0x0, {0x22, 0x1, 0x4847, 0x200, 0x3}, [0x14eb]}}, @devid=r11}) dup2(r0, r1) [ 1506.062670] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1506.063869] FAT-fs (loop5): Filesystem has been set read-only [ 1506.065340] FAT-fs (loop3): bogus number of FAT sectors [ 1506.065723] FAT-fs (loop3): Can't find a valid FAT filesystem 19:37:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00L\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:02 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffa000/0x1000)=nil, 0x1000) mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) 19:37:02 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:37:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:37:02 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 1) 19:37:02 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:37:02 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) [ 1506.179578] loop6: detected capacity change from 0 to 24 [ 1506.192794] loop5: detected capacity change from 0 to 96 19:37:02 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r7 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r7, 0x5000943f, &(0x7f0000000500)={{}, r8, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) r10 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001680)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_BALANCE_V2(r10, 0xc4009420, &(0x7f0000000900)={0x4, 0x4, {0x8000000000000, @usage=0x400, 0x0, 0xf5, 0x80d, 0x4, 0x855, 0x7f, 0x20, @struct={0xc421, 0x9}, 0x6, 0xff, [0x8, 0x4, 0x4, 0x809, 0xe70d, 0x7e10c57]}, {0x8, @struct={0x1f, 0x8}, 0x0, 0x401, 0x9, 0x4, 0xe24000000, 0x8, 0x411, @struct={0x6, 0x2}, 0xd89, 0x1, [0x0, 0x4, 0x8, 0x1f, 0x3, 0x81]}, {0x7, @usage=0x80000000, r11, 0x8, 0x3, 0x7ff, 0x7fff, 0xffffffffffffff44, 0x8, @struct={0x1, 0x80000001}, 0x3, 0x40, [0xac9c, 0x4, 0xfffffffffffffffc, 0xffff, 0xfffffffffffff001, 0x9]}, {0x10000, 0x6, 0x1}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000140)={{r6}, r8, 0x0, @inherit={0x50, &(0x7f00000015c0)=ANY=[@ANYBLOB="010000000000000001000000000000000100010000000000090000000000000012000000000000000900000000000000010000000000d21a3ebf097476480000070000000000000007000000000000000100000000000000", @ANYBLOB="586292c4d715b7767b8b246cebbc94016b8830195ae443585a16f6b12dbd3d1540e6b5b5b9a9c169dcd501b276c2ee1475664fbb6336cc7bfb53b826", @ANYRES32=r9]}, @devid=r11}) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000280)={{r4}, 0x0, 0x10, @inherit={0x50, &(0x7f0000000040)={0x0, 0x1, 0xfff, 0x0, {0x22, 0x1, 0x4847, 0x200, 0x3}, [0x14eb]}}, @devid=r11}) dup2(r0, r1) [ 1506.210044] FAULT_INJECTION: forcing a failure. [ 1506.210044] name failslab, interval 1, probability 0, space 0, times 0 [ 1506.210794] CPU: 0 PID: 9069 Comm: syz-executor.5 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1506.211336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1506.211873] Call Trace: [ 1506.212057] [ 1506.212213] dump_stack_lvl+0xc1/0xf0 [ 1506.212487] should_fail_ex+0x4b4/0x5b0 [ 1506.212778] ? getname_flags.part.0+0x50/0x4f0 [ 1506.213103] should_failslab+0x9/0x20 [ 1506.213368] kmem_cache_alloc+0x5a/0x390 [ 1506.213666] ? lockdep_hardirqs_on_prepare+0x12d/0x3f0 [ 1506.214041] getname_flags.part.0+0x50/0x4f0 [ 1506.214364] getname+0x92/0xe0 [ 1506.214598] do_sys_openat2+0xf9/0x4c0 [ 1506.214878] ? __pfx_do_sys_openat2+0x10/0x10 [ 1506.215192] ? __pfx_rcu_core+0x10/0x10 [ 1506.215484] __x64_sys_openat+0x143/0x200 [ 1506.215777] ? __pfx___x64_sys_openat+0x10/0x10 [ 1506.216105] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1506.216475] do_syscall_64+0x3f/0x90 [ 1506.216743] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1506.217103] RIP: 0033:0x7fa75b2ecb19 [ 1506.217366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1506.218574] RSP: 002b:00007fa758862188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1506.219080] RAX: ffffffffffffffda RBX: 00007fa75b3fff60 RCX: 00007fa75b2ecb19 [ 1506.219586] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1506.220060] RBP: 00007fa7588621d0 R08: 0000000000000000 R09: 0000000000000000 [ 1506.220569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1506.221070] R13: 00007ffc07f9a1bf R14: 00007fa758862300 R15: 0000000000022000 [ 1506.221592] 19:37:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00h\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1506.231337] loop3: detected capacity change from 0 to 96 19:37:02 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:37:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00l\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1506.297826] loop6: detected capacity change from 0 to 24 19:37:14 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00t\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:14 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffa000/0x1000)=nil, 0x1000) shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) 19:37:14 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:37:14 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:37:14 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 2) 19:37:14 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r7 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r7, 0x5000943f, &(0x7f0000000500)={{}, r8, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) r10 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001680)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_BALANCE_V2(r10, 0xc4009420, &(0x7f0000000900)={0x4, 0x4, {0x8000000000000, @usage=0x400, 0x0, 0xf5, 0x80d, 0x4, 0x855, 0x7f, 0x20, @struct={0xc421, 0x9}, 0x6, 0xff, [0x8, 0x4, 0x4, 0x809, 0xe70d, 0x7e10c57]}, {0x8, @struct={0x1f, 0x8}, 0x0, 0x401, 0x9, 0x4, 0xe24000000, 0x8, 0x411, @struct={0x6, 0x2}, 0xd89, 0x1, [0x0, 0x4, 0x8, 0x1f, 0x3, 0x81]}, {0x7, @usage=0x80000000, r11, 0x8, 0x3, 0x7ff, 0x7fff, 0xffffffffffffff44, 0x8, @struct={0x1, 0x80000001}, 0x3, 0x40, [0xac9c, 0x4, 0xfffffffffffffffc, 0xffff, 0xfffffffffffff001, 0x9]}, {0x10000, 0x6, 0x1}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000140)={{r6}, r8, 0x0, @inherit={0x50, &(0x7f00000015c0)=ANY=[@ANYBLOB="010000000000000001000000000000000100010000000000090000000000000012000000000000000900000000000000010000000000d21a3ebf097476480000070000000000000007000000000000000100000000000000", @ANYBLOB="586292c4d715b7767b8b246cebbc94016b8830195ae443585a16f6b12dbd3d1540e6b5b5b9a9c169dcd501b276c2ee1475664fbb6336cc7bfb53b826", @ANYRES32=r9]}, @devid=r11}) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000280)={{r4}, 0x0, 0x10, @inherit={0x50, &(0x7f0000000040)={0x0, 0x1, 0xfff, 0x0, {0x22, 0x1, 0x4847, 0x200, 0x3}, [0x14eb]}}, @devid=r11}) dup2(r0, r1) 19:37:14 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:37:14 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1517.643249] loop6: detected capacity change from 0 to 24 [ 1517.655536] loop5: detected capacity change from 0 to 96 19:37:14 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1517.679368] loop3: detected capacity change from 0 to 96 19:37:14 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 3) [ 1517.810927] loop5: detected capacity change from 0 to 96 [ 1517.828678] FAULT_INJECTION: forcing a failure. [ 1517.828678] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1517.829908] CPU: 0 PID: 9117 Comm: syz-executor.5 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1517.830452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1517.830997] Call Trace: [ 1517.831182] [ 1517.831342] dump_stack_lvl+0xc1/0xf0 [ 1517.831621] should_fail_ex+0x4b4/0x5b0 [ 1517.831902] strncpy_from_user+0x38/0x3f0 [ 1517.832194] getname_flags.part.0+0x95/0x4f0 [ 1517.832505] ? rcu_read_lock_any_held+0x79/0xa0 [ 1517.832827] getname+0x92/0xe0 [ 1517.833064] do_sys_openat2+0xf9/0x4c0 [ 1517.833343] ? __pfx_do_sys_openat2+0x10/0x10 [ 1517.833671] __x64_sys_openat+0x143/0x200 [ 1517.833969] ? __pfx___x64_sys_openat+0x10/0x10 [ 1517.834292] ? ksys_write+0x1a7/0x260 [ 1517.834567] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1517.834941] do_syscall_64+0x3f/0x90 [ 1517.835210] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1517.835577] RIP: 0033:0x7fa75b2ecb19 [ 1517.835832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.837034] RSP: 002b:00007fa758862188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1517.837545] RAX: ffffffffffffffda RBX: 00007fa75b3fff60 RCX: 00007fa75b2ecb19 [ 1517.838040] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1517.838511] RBP: 00007fa7588621d0 R08: 0000000000000000 R09: 0000000000000000 [ 1517.838994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1517.839469] R13: 00007ffc07f9a1bf R14: 00007fa758862300 R15: 0000000000022000 [ 1517.839965] 19:37:25 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 4) 19:37:25 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100) 19:37:25 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 1) 19:37:25 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00z\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:25 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r7 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r7, 0x5000943f, &(0x7f0000000500)={{}, r8, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) r10 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001680)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_BALANCE_V2(r10, 0xc4009420, &(0x7f0000000900)={0x4, 0x4, {0x8000000000000, @usage=0x400, 0x0, 0xf5, 0x80d, 0x4, 0x855, 0x7f, 0x20, @struct={0xc421, 0x9}, 0x6, 0xff, [0x8, 0x4, 0x4, 0x809, 0xe70d, 0x7e10c57]}, {0x8, @struct={0x1f, 0x8}, 0x0, 0x401, 0x9, 0x4, 0xe24000000, 0x8, 0x411, @struct={0x6, 0x2}, 0xd89, 0x1, [0x0, 0x4, 0x8, 0x1f, 0x3, 0x81]}, {0x7, @usage=0x80000000, r11, 0x8, 0x3, 0x7ff, 0x7fff, 0xffffffffffffff44, 0x8, @struct={0x1, 0x80000001}, 0x3, 0x40, [0xac9c, 0x4, 0xfffffffffffffffc, 0xffff, 0xfffffffffffff001, 0x9]}, {0x10000, 0x6, 0x1}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000140)={{r6}, r8, 0x0, @inherit={0x50, &(0x7f00000015c0)=ANY=[@ANYBLOB="010000000000000001000000000000000100010000000000090000000000000012000000000000000900000000000000010000000000d21a3ebf097476480000070000000000000007000000000000000100000000000000", @ANYBLOB="586292c4d715b7767b8b246cebbc94016b8830195ae443585a16f6b12dbd3d1540e6b5b5b9a9c169dcd501b276c2ee1475664fbb6336cc7bfb53b826", @ANYRES32=r9]}, @devid=r11}) dup2(r0, r1) 19:37:25 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) 19:37:25 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmctl$SHM_LOCK(r1, 0xb) 19:37:25 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) [ 1529.432890] loop3: detected capacity change from 0 to 96 [ 1529.434449] FAULT_INJECTION: forcing a failure. [ 1529.434449] name failslab, interval 1, probability 0, space 0, times 0 [ 1529.435587] CPU: 1 PID: 9131 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1529.436176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1529.436767] Call Trace: [ 1529.436957] [ 1529.437132] dump_stack_lvl+0xc1/0xf0 [ 1529.437435] should_fail_ex+0x4b4/0x5b0 [ 1529.437754] should_failslab+0x9/0x20 [ 1529.438052] __kmem_cache_alloc_node+0x5b/0x310 [ 1529.438416] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1529.438837] kmalloc_trace+0x26/0xc0 [ 1529.439134] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1529.439497] io_sqe_buffers_register+0x675/0x9c0 [ 1529.439862] ? __do_sys_io_uring_register+0x199/0x2210 [ 1529.440263] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1529.440663] ? __fget_files+0x270/0x480 [ 1529.440969] __do_sys_io_uring_register+0xfbd/0x2210 [ 1529.441343] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1529.441750] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1529.442186] ? fput+0x2f/0x1a0 [ 1529.442426] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1529.442829] ? ksys_write+0x1a7/0x260 [ 1529.443129] ? __pfx_ksys_write+0x10/0x10 [ 1529.443446] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1529.443844] do_syscall_64+0x3f/0x90 [ 1529.444122] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1529.444495] RIP: 0033:0x7f5ad5d87b19 [ 1529.444762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1529.446015] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1529.446513] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1529.447024] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1529.447532] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1529.448041] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 1529.448551] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1529.449090] [ 1529.451881] loop5: detected capacity change from 0 to 96 [ 1529.461402] FAULT_INJECTION: forcing a failure. [ 1529.461402] name failslab, interval 1, probability 0, space 0, times 0 [ 1529.462212] CPU: 1 PID: 9133 Comm: syz-executor.5 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1529.462742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1529.463281] Call Trace: [ 1529.463456] [ 1529.463617] dump_stack_lvl+0xc1/0xf0 [ 1529.463882] should_fail_ex+0x4b4/0x5b0 [ 1529.464185] ? __alloc_file+0x21/0x240 [ 1529.464457] should_failslab+0x9/0x20 [ 1529.464721] kmem_cache_alloc+0x5a/0x390 [ 1529.465014] __alloc_file+0x21/0x240 [ 1529.465281] alloc_empty_file+0x71/0x190 [ 1529.465565] path_openat+0xd8/0x2750 [ 1529.465841] ? __pfx_path_openat+0x10/0x10 [ 1529.466220] ? __create_object+0x3ee/0xc90 [ 1529.466519] do_filp_open+0x1ba/0x410 [ 1529.466788] ? __pfx_do_filp_open+0x10/0x10 [ 1529.467079] ? expand_files+0x446/0x8e0 [ 1529.467363] ? find_held_lock+0x2c/0x110 [ 1529.467642] ? alloc_fd+0x2eb/0x760 [ 1529.467907] ? lock_release+0x1e3/0x680 [ 1529.468196] ? do_raw_spin_lock+0x125/0x270 [ 1529.468486] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1529.468813] ? _raw_spin_unlock+0x1e/0x40 [ 1529.469108] ? alloc_fd+0x2eb/0x760 [ 1529.469368] do_sys_openat2+0x171/0x4c0 [ 1529.469644] ? __pfx_do_sys_openat2+0x10/0x10 [ 1529.469972] __x64_sys_openat+0x143/0x200 [ 1529.470256] ? __pfx___x64_sys_openat+0x10/0x10 [ 1529.470582] ? ksys_write+0x1a7/0x260 [ 1529.470861] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1529.471258] do_syscall_64+0x3f/0x90 [ 1529.471537] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1529.471908] RIP: 0033:0x7fa75b2ecb19 [ 1529.472179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1529.473409] RSP: 002b:00007fa758862188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1529.473945] RAX: ffffffffffffffda RBX: 00007fa75b3fff60 RCX: 00007fa75b2ecb19 [ 1529.474468] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1529.474977] RBP: 00007fa7588621d0 R08: 0000000000000000 R09: 0000000000000000 [ 1529.475455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1529.475946] R13: 00007ffc07f9a1bf R14: 00007fa758862300 R15: 0000000000022000 [ 1529.476458] [ 1529.484869] loop6: detected capacity change from 0 to 24 19:37:26 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 19:37:26 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 2) 19:37:26 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 5) 19:37:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c00f000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:26 executing program 4: shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(r0, 0xb) 19:37:26 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:37:26 executing program 7: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) [ 1529.594378] loop5: detected capacity change from 0 to 96 19:37:26 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r5 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r5, 0x5000943f, &(0x7f0000000500)={{}, r6, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) r7 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001680)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_BALANCE_V2(r7, 0xc4009420, &(0x7f0000000900)={0x4, 0x4, {0x8000000000000, @usage=0x400, 0x0, 0xf5, 0x80d, 0x4, 0x855, 0x7f, 0x20, @struct={0xc421, 0x9}, 0x6, 0xff, [0x8, 0x4, 0x4, 0x809, 0xe70d, 0x7e10c57]}, {0x8, @struct={0x1f, 0x8}, 0x0, 0x401, 0x9, 0x4, 0xe24000000, 0x8, 0x411, @struct={0x6, 0x2}, 0xd89, 0x1, [0x0, 0x4, 0x8, 0x1f, 0x3, 0x81]}, {0x7, @usage=0x80000000, r8, 0x8, 0x3, 0x7ff, 0x7fff, 0xffffffffffffff44, 0x8, @struct={0x1, 0x80000001}, 0x3, 0x40, [0xac9c, 0x4, 0xfffffffffffffffc, 0xffff, 0xfffffffffffff001, 0x9]}, {0x10000, 0x6, 0x1}}) dup2(r0, r1) [ 1529.620034] loop3: detected capacity change from 0 to 96 [ 1529.634933] loop6: detected capacity change from 0 to 24 19:37:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000003", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:26 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:37:26 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 3) [ 1529.742183] loop3: detected capacity change from 0 to 96 [ 1542.865979] loop5: detected capacity change from 0 to 96 [ 1542.869508] loop3: detected capacity change from 0 to 96 19:37:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c004003", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:39 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(r0, 0xb) 19:37:39 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100) 19:37:39 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c00f000", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:39 executing program 7: shmget(0x1, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) 19:37:39 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 6) 19:37:39 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r5 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r5, 0x5000943f, &(0x7f0000000500)={{}, r6, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001680)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) dup2(r0, r1) 19:37:39 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 4) [ 1542.898160] FAULT_INJECTION: forcing a failure. [ 1542.898160] name failslab, interval 1, probability 0, space 0, times 0 [ 1542.898960] CPU: 1 PID: 9180 Comm: syz-executor.5 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1542.899514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1542.900061] Call Trace: [ 1542.900249] [ 1542.900419] dump_stack_lvl+0xc1/0xf0 [ 1542.900706] should_fail_ex+0x4b4/0x5b0 [ 1542.901020] ? security_file_alloc+0x38/0x170 [ 1542.901329] should_failslab+0x9/0x20 [ 1542.901586] kmem_cache_alloc+0x5a/0x390 [ 1542.901880] security_file_alloc+0x38/0x170 [ 1542.902180] __alloc_file+0xb6/0x240 [ 1542.902451] alloc_empty_file+0x71/0x190 [ 1542.902726] path_openat+0xd8/0x2750 [ 1542.902993] ? __pfx_path_openat+0x10/0x10 [ 1542.903277] ? __create_object+0x3ee/0xc90 [ 1542.903573] do_filp_open+0x1ba/0x410 [ 1542.903839] ? __pfx_do_filp_open+0x10/0x10 [ 1542.904132] ? expand_files+0x446/0x8e0 [ 1542.904409] ? find_held_lock+0x2c/0x110 [ 1542.904689] ? alloc_fd+0x2eb/0x760 [ 1542.904943] ? lock_release+0x1e3/0x680 [ 1542.905223] ? do_raw_spin_lock+0x125/0x270 [ 1542.905513] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1542.905832] ? _raw_spin_unlock+0x1e/0x40 [ 1542.906119] ? alloc_fd+0x2eb/0x760 [ 1542.906388] do_sys_openat2+0x171/0x4c0 [ 1542.906658] ? __pfx_do_sys_openat2+0x10/0x10 [ 1542.906974] __x64_sys_openat+0x143/0x200 [ 1542.907254] ? __pfx___x64_sys_openat+0x10/0x10 [ 1542.907573] ? ksys_write+0x1a7/0x260 [ 1542.907840] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1542.908198] do_syscall_64+0x3f/0x90 [ 1542.908454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1542.908796] RIP: 0033:0x7fa75b2ecb19 [ 1542.909047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1542.910290] RSP: 002b:00007fa758862188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1542.910824] RAX: ffffffffffffffda RBX: 00007fa75b3fff60 RCX: 00007fa75b2ecb19 [ 1542.911326] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1542.911828] RBP: 00007fa7588621d0 R08: 0000000000000000 R09: 0000000000000000 [ 1542.912326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1542.912829] R13: 00007ffc07f9a1bf R14: 00007fa758862300 R15: 0000000000022000 [ 1542.913334] 19:37:39 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:37:39 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r5 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r5, 0x5000943f, &(0x7f0000000500)={{}, r6, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:37:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\b', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:39 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 1) 19:37:39 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_LOCK(r0, 0xb) 19:37:39 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:37:39 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 5) [ 1542.975832] loop3: detected capacity change from 0 to 96 [ 1542.986960] loop6: detected capacity change from 0 to 24 [ 1542.991801] FAULT_INJECTION: forcing a failure. [ 1542.991801] name failslab, interval 1, probability 0, space 0, times 0 [ 1542.992606] CPU: 1 PID: 9203 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1542.993123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1542.993652] Call Trace: [ 1542.993828] [ 1542.993987] dump_stack_lvl+0xc1/0xf0 [ 1542.994272] should_fail_ex+0x4b4/0x5b0 [ 1542.994562] should_failslab+0x9/0x20 [ 1542.994821] __kmem_cache_alloc_node+0x5b/0x310 [ 1542.995144] ? percpu_ref_init+0xdf/0x400 [ 1542.995435] kmalloc_trace+0x26/0xc0 [ 1542.995705] ? __pfx_io_rsrc_node_ref_zero+0x10/0x10 [ 1542.996041] percpu_ref_init+0xdf/0x400 [ 1542.996314] ? kasan_set_track+0x25/0x30 [ 1542.996600] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1542.996959] io_sqe_buffers_register+0x675/0x9c0 [ 1542.997288] ? __do_sys_io_uring_register+0x199/0x2210 [ 1542.997646] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1542.998002] ? __fget_files+0x270/0x480 [ 1542.998296] __do_sys_io_uring_register+0xfbd/0x2210 [ 1542.998645] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1542.999036] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1542.999429] ? fput+0x2f/0x1a0 [ 1542.999671] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1543.000033] ? ksys_write+0x1a7/0x260 [ 1543.000297] ? __pfx_ksys_write+0x10/0x10 [ 1543.000590] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1543.000956] do_syscall_64+0x3f/0x90 [ 1543.001217] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1543.001566] RIP: 0033:0x7f5ad5d87b19 [ 1543.001816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1543.002995] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1543.003534] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1543.004042] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1543.004543] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1543.005056] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 1543.005561] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1543.006090] 19:37:39 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 7) [ 1543.015115] FAULT_INJECTION: forcing a failure. [ 1543.015115] name failslab, interval 1, probability 0, space 0, times 0 [ 1543.015887] CPU: 0 PID: 9202 Comm: syz-executor.6 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1543.016419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1543.016954] Call Trace: [ 1543.017133] [ 1543.017290] dump_stack_lvl+0xc1/0xf0 [ 1543.017558] should_fail_ex+0x4b4/0x5b0 [ 1543.017844] ? getname_flags.part.0+0x50/0x4f0 [ 1543.018183] should_failslab+0x9/0x20 [ 1543.018443] kmem_cache_alloc+0x5a/0x390 [ 1543.018729] ? __pfx_lock_release+0x10/0x10 [ 1543.019040] getname_flags.part.0+0x50/0x4f0 [ 1543.019341] ? rcu_read_lock_any_held+0x79/0xa0 [ 1543.019661] getname+0x92/0xe0 [ 1543.019890] do_sys_openat2+0xf9/0x4c0 [ 1543.020162] ? __pfx_do_sys_openat2+0x10/0x10 [ 1543.020482] __x64_sys_openat+0x143/0x200 [ 1543.020780] ? __pfx___x64_sys_openat+0x10/0x10 [ 1543.021116] ? ksys_write+0x1a7/0x260 [ 1543.021406] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1543.021802] do_syscall_64+0x3f/0x90 [ 1543.022088] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1543.022505] RIP: 0033:0x7f2c48fdcb19 19:37:39 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_LOCK(r0, 0xb) [ 1543.022773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1543.024119] RSP: 002b:00007f2c46552188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1543.024660] RAX: ffffffffffffffda RBX: 00007f2c490eff60 RCX: 00007f2c48fdcb19 [ 1543.025174] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1543.025681] RBP: 00007f2c465521d0 R08: 0000000000000000 R09: 0000000000000000 [ 1543.026203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1543.026703] R13: 00007ffdaa8dee9f R14: 00007f2c46552300 R15: 0000000000022000 [ 1543.027241] 19:37:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000340", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1543.047908] loop5: detected capacity change from 0 to 96 19:37:39 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:37:39 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) (fail_nth: 1) 19:37:39 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 2) [ 1543.099940] loop3: detected capacity change from 0 to 96 19:37:39 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 6) 19:37:39 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 8) [ 1543.110542] FAULT_INJECTION: forcing a failure. [ 1543.110542] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1543.111339] CPU: 1 PID: 9217 Comm: syz-executor.7 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1543.111867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1543.112399] Call Trace: [ 1543.112574] [ 1543.112732] dump_stack_lvl+0xc1/0xf0 [ 1543.113000] should_fail_ex+0x4b4/0x5b0 [ 1543.113289] _copy_to_user+0x2e/0x150 [ 1543.113550] simple_read_from_buffer+0xd0/0x170 [ 1543.113877] proc_fail_nth_read+0x19c/0x230 [ 1543.114183] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1543.114508] ? security_file_permission+0xb5/0xe0 [ 1543.114845] vfs_read+0x260/0x940 [ 1543.115097] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1543.115420] ? __pfx_vfs_read+0x10/0x10 [ 1543.115704] ? __fget_files+0x270/0x480 [ 1543.115992] ksys_read+0x12b/0x260 [ 1543.116245] ? __pfx_ksys_read+0x10/0x10 [ 1543.116521] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1543.116841] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1543.117202] do_syscall_64+0x3f/0x90 [ 1543.117460] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1543.117808] RIP: 0033:0x7fec37d3569c [ 1543.118060] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1543.119230] RSP: 002b:00007fec352f8170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1543.119722] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007fec37d3569c [ 1543.120186] RDX: 000000000000000f RSI: 00007fec352f81e0 RDI: 0000000000000003 [ 1543.120645] RBP: 00007fec352f81d0 R08: 0000000000000000 R09: 0000000000000000 [ 1543.121102] R10: 0000000020ffb000 R11: 0000000000000246 R12: 0000000000000001 [ 1543.121562] R13: 00007fff059c547f R14: 00007fec352f8300 R15: 0000000000022000 [ 1543.122038] 19:37:39 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_LOCK(r0, 0xb) [ 1543.144452] loop6: detected capacity change from 0 to 24 [ 1543.148251] loop5: detected capacity change from 0 to 96 [ 1543.158315] FAULT_INJECTION: forcing a failure. [ 1543.158315] name failslab, interval 1, probability 0, space 0, times 0 [ 1543.159365] CPU: 0 PID: 9222 Comm: syz-executor.5 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1543.159933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1543.160480] Call Trace: [ 1543.160658] [ 1543.160814] dump_stack_lvl+0xc1/0xf0 [ 1543.161087] should_fail_ex+0x4b4/0x5b0 [ 1543.161372] should_failslab+0x9/0x20 [ 1543.161633] kmem_cache_alloc_lru+0x6b/0x600 [ 1543.161943] ? __d_alloc+0x31/0x9c0 [ 1543.162220] __d_alloc+0x31/0x9c0 [ 1543.162480] d_alloc_parallel+0x10e/0x1640 [ 1543.162775] ? __d_lookup+0x247/0x4a0 [ 1543.163048] ? lock_release+0x1e3/0x680 [ 1543.163336] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1543.163737] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1543.164064] ? lock_is_held_type+0x9f/0x120 [ 1543.164376] ? __d_lookup+0x269/0x4a0 [ 1543.164648] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1543.165014] lookup_open.isra.0+0x912/0x1400 [ 1543.165317] ? find_held_lock+0x2c/0x110 [ 1543.165600] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1543.165946] ? __pfx_lock_acquire+0x10/0x10 [ 1543.166273] ? lockref_get_not_dead+0x6a/0x80 [ 1543.166626] path_openat+0x97c/0x2750 [ 1543.166918] ? __pfx_path_openat+0x10/0x10 [ 1543.167229] ? __create_object+0x3ee/0xc90 [ 1543.167545] do_filp_open+0x1ba/0x410 [ 1543.167831] ? __pfx_do_filp_open+0x10/0x10 [ 1543.168147] ? expand_files+0x446/0x8e0 [ 1543.168442] ? find_held_lock+0x2c/0x110 [ 1543.168752] ? do_raw_spin_lock+0x125/0x270 [ 1543.169073] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1543.169417] ? _raw_spin_unlock+0x1e/0x40 [ 1543.169734] ? alloc_fd+0x2eb/0x760 [ 1543.170011] do_sys_openat2+0x171/0x4c0 [ 1543.170312] ? __pfx_do_sys_openat2+0x10/0x10 [ 1543.170651] __x64_sys_openat+0x143/0x200 [ 1543.170954] ? __pfx___x64_sys_openat+0x10/0x10 [ 1543.171294] ? ksys_write+0x1a7/0x260 [ 1543.171595] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1543.171984] do_syscall_64+0x3f/0x90 [ 1543.172274] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1543.172655] RIP: 0033:0x7fa75b2ecb19 [ 1543.172934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1543.174213] RSP: 002b:00007fa758862188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1543.174757] RAX: ffffffffffffffda RBX: 00007fa75b3fff60 RCX: 00007fa75b2ecb19 [ 1543.175277] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1543.175791] RBP: 00007fa7588621d0 R08: 0000000000000000 R09: 0000000000000000 [ 1543.176302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1543.176819] R13: 00007ffc07f9a1bf R14: 00007fa758862300 R15: 0000000000022000 [ 1543.177341] 19:37:51 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 9) 19:37:51 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r5 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r5, 0x5000943f, &(0x7f0000000500)={{}, r6, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:37:51 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:37:51 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:37:51 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3cffffe0", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:37:51 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, 0x0, 0x10000, 0x100) 19:37:51 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 3) 19:37:51 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 7) [ 1555.465712] loop3: detected capacity change from 0 to 96 [ 1555.467150] FAULT_INJECTION: forcing a failure. [ 1555.467150] name failslab, interval 1, probability 0, space 0, times 0 [ 1555.467945] CPU: 1 PID: 9243 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1555.468494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1555.469052] Call Trace: [ 1555.469235] [ 1555.469396] dump_stack_lvl+0xc1/0xf0 [ 1555.469675] should_fail_ex+0x4b4/0x5b0 [ 1555.469974] should_failslab+0x9/0x20 [ 1555.470248] __kmem_cache_alloc_node+0x5b/0x310 [ 1555.470595] ? io_rsrc_data_alloc+0x5f/0x530 [ 1555.470905] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1555.471265] ? percpu_ref_init+0xdf/0x400 [ 1555.471542] loop5: detected capacity change from 0 to 96 [ 1555.471566] kmalloc_trace+0x26/0xc0 [ 1555.472529] io_rsrc_data_alloc+0x5f/0x530 [ 1555.472826] ? percpu_ref_init+0x286/0x400 [ 1555.473131] ? __pfx_io_rsrc_buf_put+0x10/0x10 [ 1555.473454] io_sqe_buffers_register+0x13c/0x9c0 [ 1555.473788] ? __do_sys_io_uring_register+0x199/0x2210 [ 1555.474157] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1555.474571] ? __fget_files+0x270/0x480 [ 1555.474861] __do_sys_io_uring_register+0xfbd/0x2210 [ 1555.475229] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1555.475651] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1555.476062] ? fput+0x2f/0x1a0 [ 1555.476320] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1555.476563] loop6: detected capacity change from 0 to 24 [ 1555.476710] ? ksys_write+0x1a7/0x260 [ 1555.476733] ? __pfx_ksys_write+0x10/0x10 [ 1555.477987] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1555.478376] do_syscall_64+0x3f/0x90 [ 1555.478656] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1555.479023] RIP: 0033:0x7f5ad5d87b19 [ 1555.479294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1555.480561] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1555.481109] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1555.481615] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1555.482102] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1555.482624] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 1555.483096] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1555.483611] [ 1555.506139] FAULT_INJECTION: forcing a failure. [ 1555.506139] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1555.507726] CPU: 0 PID: 9250 Comm: syz-executor.6 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1555.508782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1555.509821] Call Trace: [ 1555.510175] [ 1555.510654] dump_stack_lvl+0xc1/0xf0 [ 1555.511182] should_fail_ex+0x4b4/0x5b0 [ 1555.511809] strncpy_from_user+0x38/0x3f0 [ 1555.512380] getname_flags.part.0+0x95/0x4f0 [ 1555.512986] ? rcu_read_lock_any_held+0x79/0xa0 [ 1555.513609] getname+0x92/0xe0 [ 1555.514060] do_sys_openat2+0xf9/0x4c0 [ 1555.514603] ? __pfx_do_sys_openat2+0x10/0x10 [ 1555.515207] ? xfd_validate_state+0x51/0x170 [ 1555.515843] __x64_sys_openat+0x143/0x200 [ 1555.516389] ? __pfx___x64_sys_openat+0x10/0x10 [ 1555.517012] ? ksys_write+0x1a7/0x260 [ 1555.517545] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 19:37:52 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3cfffff0", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1555.518265] do_syscall_64+0x3f/0x90 [ 1555.518827] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1555.519530] RIP: 0033:0x7f2c48fdcb19 [ 1555.520021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1555.522295] RSP: 002b:00007f2c46552188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1555.523294] RAX: ffffffffffffffda RBX: 00007f2c490eff60 RCX: 00007f2c48fdcb19 [ 1555.524224] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1555.525138] RBP: 00007f2c465521d0 R08: 0000000000000000 R09: 0000000000000000 [ 1555.526050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1555.526975] R13: 00007ffdaa8dee9f R14: 00007f2c46552300 R15: 0000000000022000 [ 1555.527926] [ 1566.789748] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:38:03 executing program 7: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0xc08c5332, &(0x7f0000000180)) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000000000)={0x0, 0x0, 0x0, 'queue0\x00'}) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:38:03 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 8) 19:38:03 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r5 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r5, 0x5000943f, &(0x7f0000000500)={{}, r6, 0x12, @inherit={0xfffffffffffffe4c, &(0x7f0000002940)=ANY=[@ANYBLOB="010000000000000003000000000000000500000000000000ffffffff00000000285d5c0aad000000000000000000000000000000e400000000000000050000000000000009000000000000000100000000000000efbcfd130000000081000000"]}, @subvolid=0x80000000}) dup2(r0, r1) 19:38:03 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 10) 19:38:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 4) 19:38:03 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:38:03 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100) 19:38:03 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) (fail_nth: 1) [ 1566.812375] FAULT_INJECTION: forcing a failure. [ 1566.812375] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1566.813187] CPU: 1 PID: 9272 Comm: syz-executor.4 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1566.813740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1566.813898] loop3: detected capacity change from 0 to 96 [ 1566.814288] Call Trace: [ 1566.814319] [ 1566.814326] dump_stack_lvl+0xc1/0xf0 [ 1566.814350] should_fail_ex+0x4b4/0x5b0 [ 1566.816044] _copy_to_user+0x2e/0x150 [ 1566.816323] simple_read_from_buffer+0xd0/0x170 [ 1566.816663] proc_fail_nth_read+0x19c/0x230 [ 1566.816972] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1566.817311] ? security_file_permission+0xb5/0xe0 [ 1566.817662] vfs_read+0x260/0x940 [ 1566.817922] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1566.818259] ? __pfx_vfs_read+0x10/0x10 [ 1566.818556] ? __fget_files+0x270/0x480 [ 1566.818852] ksys_read+0x12b/0x260 [ 1566.819109] ? __pfx_ksys_read+0x10/0x10 [ 1566.819405] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1566.819784] do_syscall_64+0x3f/0x90 [ 1566.820053] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1566.820417] RIP: 0033:0x7f4ee832169c [ 1566.820679] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1566.821890] RSP: 002b:00007f4ee58e4170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1566.822404] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4ee832169c [ 1566.822900] RDX: 000000000000000f RSI: 00007f4ee58e41e0 RDI: 0000000000000003 [ 1566.823379] RBP: 00007f4ee58e41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1566.823864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1566.824339] R13: 00007ffc8691138f R14: 00007f4ee58e4300 R15: 0000000000022000 [ 1566.824834] [ 1566.831874] loop5: detected capacity change from 0 to 96 [ 1566.841693] loop6: detected capacity change from 0 to 24 19:38:03 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 9) 19:38:03 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1566.874715] FAULT_INJECTION: forcing a failure. [ 1566.874715] name failslab, interval 1, probability 0, space 0, times 0 [ 1566.876174] CPU: 0 PID: 9277 Comm: syz-executor.6 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1566.877204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1566.878241] Call Trace: [ 1566.878592] [ 1566.878893] dump_stack_lvl+0xc1/0xf0 [ 1566.879399] should_fail_ex+0x4b4/0x5b0 [ 1566.879943] ? __alloc_file+0x21/0x240 [ 1566.879972] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1566.879992] should_failslab+0x9/0x20 [ 1566.880608] FAULT_INJECTION: forcing a failure. [ 1566.880608] name failslab, interval 1, probability 0, space 0, times 0 [ 1566.881325] kmem_cache_alloc+0x5a/0x390 [ 1566.883499] __alloc_file+0x21/0x240 [ 1566.884016] alloc_empty_file+0x71/0x190 [ 1566.884549] path_openat+0xd8/0x2750 [ 1566.885068] ? __pfx_path_openat+0x10/0x10 [ 1566.885617] ? __create_object+0x3ee/0xc90 [ 1566.886188] do_filp_open+0x1ba/0x410 [ 1566.886720] ? __pfx_do_filp_open+0x10/0x10 [ 1566.887288] ? expand_files+0x446/0x8e0 [ 1566.887812] ? find_held_lock+0x2c/0x110 [ 1566.888352] ? alloc_fd+0x2eb/0x760 [ 1566.888828] ? lock_release+0x1e3/0x680 [ 1566.889368] ? do_raw_spin_lock+0x125/0x270 [ 1566.889925] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1566.890547] ? _raw_spin_unlock+0x1e/0x40 [ 1566.891103] ? alloc_fd+0x2eb/0x760 [ 1566.891590] do_sys_openat2+0x171/0x4c0 [ 1566.892105] ? __pfx_do_sys_openat2+0x10/0x10 [ 1566.892712] __x64_sys_openat+0x143/0x200 [ 1566.893253] ? __pfx___x64_sys_openat+0x10/0x10 [ 1566.893855] ? ksys_write+0x1a7/0x260 [ 1566.894372] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1566.895079] do_syscall_64+0x3f/0x90 [ 1566.895584] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1566.896250] RIP: 0033:0x7f2c48fdcb19 [ 1566.896728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1566.899001] RSP: 002b:00007f2c46552188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1566.899965] RAX: ffffffffffffffda RBX: 00007f2c490eff60 RCX: 00007f2c48fdcb19 [ 1566.900856] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1566.901744] RBP: 00007f2c465521d0 R08: 0000000000000000 R09: 0000000000000000 [ 1566.902652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1566.903537] R13: 00007ffdaa8dee9f R14: 00007f2c46552300 R15: 0000000000022000 [ 1566.904449] [ 1566.904760] CPU: 1 PID: 9282 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1566.905336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1566.905891] Call Trace: [ 1566.906072] [ 1566.906238] dump_stack_lvl+0xc1/0xf0 [ 1566.906528] should_fail_ex+0x4b4/0x5b0 [ 1566.906826] should_failslab+0x9/0x20 [ 1566.907096] __kmem_cache_alloc_node+0x5b/0x310 [ 1566.907433] ? io_rsrc_data_alloc+0x98/0x530 [ 1566.907742] ? io_rsrc_data_alloc+0x5f/0x530 [ 1566.908054] ? io_rsrc_data_alloc+0x98/0x530 [ 1566.908364] __kmalloc+0x4a/0x160 [ 1566.908625] io_rsrc_data_alloc+0x98/0x530 [ 1566.908920] ? percpu_ref_init+0x286/0x400 [ 1566.909222] ? __pfx_io_rsrc_buf_put+0x10/0x10 [ 1566.909550] io_sqe_buffers_register+0x13c/0x9c0 [ 1566.909874] ? __do_sys_io_uring_register+0x199/0x2210 [ 1566.910246] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1566.910604] ? __fget_files+0x270/0x480 [ 1566.910895] __do_sys_io_uring_register+0xfbd/0x2210 [ 1566.911249] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1566.911654] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1566.912053] ? fput+0x2f/0x1a0 [ 1566.912299] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1566.912658] ? ksys_write+0x1a7/0x260 [ 1566.912936] ? __pfx_ksys_write+0x10/0x10 [ 1566.913221] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1566.913605] do_syscall_64+0x3f/0x90 [ 1566.913869] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1566.914231] RIP: 0033:0x7f5ad5d87b19 [ 1566.914491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1566.915707] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1566.916200] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1566.916681] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1566.917160] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1566.917647] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 1566.918126] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1566.918648] 19:38:03 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 11) 19:38:03 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r5 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000300)) dup2(r0, r1) 19:38:03 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1566.976256] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:38:03 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:38:03 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 19:38:03 executing program 7: mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0xed32e000) 19:38:03 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1567.027667] loop3: detected capacity change from 0 to 96 [ 1567.049939] loop5: detected capacity change from 0 to 96 19:38:03 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0x2) [ 1567.080103] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:38:03 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8}) dup2(r0, r1) 19:38:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 5) [ 1567.186158] loop6: detected capacity change from 0 to 24 19:38:14 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 10) 19:38:14 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 6) 19:38:14 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 1) 19:38:14 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 12) 19:38:14 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:38:14 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0x3) 19:38:14 executing program 7: ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x1f, 0x5, 0x1}) r0 = shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r2 = openat2(r1, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x90000, 0xb9, 0x12}, 0x18) r3 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) fsmount(r3, 0x0, 0x0) r4 = syz_open_dev$evdev(&(0x7f0000000100), 0xb8, 0x40000) fsync(r4) shmat(r0, &(0x7f0000ff9000/0x4000)=nil, 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xa0000, 0x10) ioctl$FIONCLEX(r5, 0x5450) openat(r2, &(0x7f0000000140)='./file0\x00', 0x400, 0xa8) 19:38:14 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) dup2(r0, r1) [ 1578.208806] loop3: detected capacity change from 0 to 96 [ 1578.213281] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1578.225654] loop6: detected capacity change from 0 to 24 [ 1578.244579] FAULT_INJECTION: forcing a failure. [ 1578.244579] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.245395] CPU: 1 PID: 9330 Comm: syz-executor.6 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1578.245919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.246460] Call Trace: [ 1578.246648] [ 1578.246807] dump_stack_lvl+0xc1/0xf0 [ 1578.247088] should_fail_ex+0x4b4/0x5b0 [ 1578.247375] ? security_file_alloc+0x38/0x170 [ 1578.247687] should_failslab+0x9/0x20 [ 1578.247947] kmem_cache_alloc+0x5a/0x390 [ 1578.248244] security_file_alloc+0x38/0x170 [ 1578.248536] __alloc_file+0xb6/0x240 [ 1578.248806] alloc_empty_file+0x71/0x190 [ 1578.249086] path_openat+0xd8/0x2750 [ 1578.249216] loop5: detected capacity change from 0 to 96 [ 1578.249358] ? __pfx_path_openat+0x10/0x10 [ 1578.249377] ? __create_object+0x3ee/0xc90 [ 1578.250718] do_filp_open+0x1ba/0x410 [ 1578.250986] ? __pfx_do_filp_open+0x10/0x10 [ 1578.251286] ? expand_files+0x446/0x8e0 [ 1578.251559] ? find_held_lock+0x2c/0x110 [ 1578.251848] ? alloc_fd+0x2eb/0x760 [ 1578.252104] ? lock_release+0x1e3/0x680 [ 1578.252394] ? do_raw_spin_lock+0x125/0x270 [ 1578.252690] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1578.253015] ? _raw_spin_unlock+0x1e/0x40 [ 1578.253308] ? alloc_fd+0x2eb/0x760 [ 1578.253571] do_sys_openat2+0x171/0x4c0 [ 1578.253700] FAULT_INJECTION: forcing a failure. [ 1578.253700] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.253848] ? __pfx_do_sys_openat2+0x10/0x10 [ 1578.255495] __x64_sys_openat+0x143/0x200 [ 1578.255793] ? __pfx___x64_sys_openat+0x10/0x10 [ 1578.256122] ? ksys_write+0x1a7/0x260 [ 1578.256402] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.256780] do_syscall_64+0x3f/0x90 [ 1578.257056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1578.257420] RIP: 0033:0x7f2c48fdcb19 [ 1578.257685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.258900] RSP: 002b:00007f2c46552188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1578.259423] RAX: ffffffffffffffda RBX: 00007f2c490eff60 RCX: 00007f2c48fdcb19 [ 1578.259906] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1578.260389] RBP: 00007f2c465521d0 R08: 0000000000000000 R09: 0000000000000000 [ 1578.260876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1578.261368] R13: 00007ffdaa8dee9f R14: 00007f2c46552300 R15: 0000000000022000 [ 1578.261867] [ 1578.262035] CPU: 0 PID: 9324 Comm: syz-executor.3 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1578.263099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.264127] Call Trace: [ 1578.264464] [ 1578.264767] dump_stack_lvl+0xc1/0xf0 [ 1578.265279] should_fail_ex+0x4b4/0x5b0 [ 1578.265824] ? getname_flags.part.0+0x50/0x4f0 [ 1578.266454] should_failslab+0x9/0x20 [ 1578.266982] kmem_cache_alloc+0x5a/0x390 [ 1578.267534] ? __pfx_lock_release+0x10/0x10 [ 1578.268127] getname_flags.part.0+0x50/0x4f0 [ 1578.268728] ? rcu_read_lock_any_held+0x79/0xa0 [ 1578.269357] getname+0x92/0xe0 [ 1578.269808] do_sys_openat2+0xf9/0x4c0 [ 1578.270327] ? __pfx_do_sys_openat2+0x10/0x10 [ 1578.270912] __x64_sys_openat+0x143/0x200 [ 1578.271469] ? __pfx___x64_sys_openat+0x10/0x10 [ 1578.272108] ? ksys_write+0x1a7/0x260 [ 1578.272628] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.273339] do_syscall_64+0x3f/0x90 [ 1578.273837] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1578.274513] RIP: 0033:0x7f9775e68b19 [ 1578.275023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.277299] RSP: 002b:00007f97733de188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1578.278277] RAX: ffffffffffffffda RBX: 00007f9775f7bf60 RCX: 00007f9775e68b19 [ 1578.279198] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1578.280119] RBP: 00007f97733de1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1578.281037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1578.281943] R13: 00007ffc3b84d30f R14: 00007f97733de300 R15: 0000000000022000 [ 1578.282888] [ 1578.313556] FAULT_INJECTION: forcing a failure. [ 1578.313556] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.315056] CPU: 0 PID: 9334 Comm: syz-executor.5 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1578.316048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.317046] Call Trace: [ 1578.317376] [ 1578.317671] dump_stack_lvl+0xc1/0xf0 [ 1578.318170] should_fail_ex+0x4b4/0x5b0 [ 1578.318710] should_failslab+0x9/0x20 [ 1578.319196] kmem_cache_alloc_lru+0x6b/0x600 [ 1578.319780] ? fat_alloc_inode+0x27/0x1f0 [ 1578.320341] fat_alloc_inode+0x27/0x1f0 [ 1578.320868] ? __pfx_fat_alloc_inode+0x10/0x10 [ 1578.321452] alloc_inode+0x63/0x240 [ 1578.321939] new_inode+0x25/0x1f0 [ 1578.322398] fat_build_inode+0x14e/0x2e0 [ 1578.322973] vfat_lookup+0x31b/0x560 [ 1578.323459] ? __pfx_vfat_lookup+0x10/0x10 [ 1578.323988] ? lock_is_held_type+0x9f/0x120 [ 1578.324571] ? __d_lookup+0x269/0x4a0 [ 1578.325083] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.325785] lookup_open.isra.0+0x74e/0x1400 [ 1578.326374] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1578.327018] ? __pfx_lock_acquire+0x10/0x10 [ 1578.327581] ? lockref_get_not_dead+0x6a/0x80 [ 1578.328212] path_openat+0x97c/0x2750 [ 1578.328729] ? __pfx_path_openat+0x10/0x10 [ 1578.329282] ? __create_object+0x3ee/0xc90 [ 1578.329851] do_filp_open+0x1ba/0x410 [ 1578.330355] ? __pfx_do_filp_open+0x10/0x10 [ 1578.330923] ? expand_files+0x446/0x8e0 [ 1578.331442] ? find_held_lock+0x2c/0x110 [ 1578.331990] ? do_raw_spin_lock+0x125/0x270 [ 1578.332539] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1578.333147] ? _raw_spin_unlock+0x1e/0x40 [ 1578.333692] ? alloc_fd+0x2eb/0x760 [ 1578.334172] do_sys_openat2+0x171/0x4c0 [ 1578.334708] ? __pfx_do_sys_openat2+0x10/0x10 [ 1578.335317] __x64_sys_openat+0x143/0x200 [ 1578.335847] ? __pfx___x64_sys_openat+0x10/0x10 [ 1578.336441] ? ksys_write+0x1a7/0x260 [ 1578.336952] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.337638] do_syscall_64+0x3f/0x90 [ 1578.338143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1578.338806] RIP: 0033:0x7fa75b2ecb19 [ 1578.339280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.341459] RSP: 002b:00007fa758862188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1578.342382] RAX: ffffffffffffffda RBX: 00007fa75b3fff60 RCX: 00007fa75b2ecb19 [ 1578.343276] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1578.344154] RBP: 00007fa7588621d0 R08: 0000000000000000 R09: 0000000000000000 [ 1578.345030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1578.345905] R13: 00007ffc07f9a1bf R14: 00007fa758862300 R15: 0000000000022000 [ 1578.346800] 19:38:25 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 13) 19:38:25 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 11) 19:38:25 executing program 7: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="e2ff030000"], 0x100}}, 0x0) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xec, r3, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x4f}, @void, @val={0xc, 0x99, {0x0, 0x12}}}}, [@NL80211_ATTR_VENDOR_DATA={0xb9, 0xc5, "613a34432f71f2f687eb44ba605b60124f4058bfa92349ccc1ef8b99c4d1f5fa3270f36842af92975aefc22845f99082429064cc59a5e623ca78fd9becb619cb0e3aae772e524c46c53410a832653f1612643ced1812089681a976aab5f083b1d4e0289eecbc9c42f83b8711a4a578671c48d8428381730051650080b34aa5dd9707c748a8732e410da644a4955a130a91adafbd505a9b9089e70a14b079ddd1b974db7b13d627bef872fecea6a7d6678a4d8d335e"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x1b5a}]}, 0xec}, 0x1, 0x0, 0x0, 0x48010}, 0x4040000) sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x58, r0, 0x100, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x6e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x18}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x28}]}, 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x40) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:38:25 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:38:25 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xc) 19:38:25 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:38:25 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 2) 19:38:25 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 7) [ 1589.314721] loop6: detected capacity change from 0 to 24 [ 1589.318269] loop5: detected capacity change from 0 to 96 [ 1589.325741] netlink: 228 bytes leftover after parsing attributes in process `syz-executor.7'. [ 1589.330597] loop3: detected capacity change from 0 to 96 [ 1589.333671] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1589.336408] FAULT_INJECTION: forcing a failure. [ 1589.336408] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.337915] CPU: 1 PID: 9354 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1589.338991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.340053] Call Trace: [ 1589.340407] [ 1589.340721] dump_stack_lvl+0xc1/0xf0 [ 1589.341245] should_fail_ex+0x4b4/0x5b0 [ 1589.341827] should_failslab+0x9/0x20 [ 1589.342344] __kmem_cache_alloc_node+0x5b/0x310 [ 1589.343005] ? io_rsrc_data_alloc+0xe6/0x530 [ 1589.343620] ? io_rsrc_data_alloc+0xe6/0x530 [ 1589.344225] __kmalloc+0x4a/0x160 [ 1589.344727] io_rsrc_data_alloc+0xe6/0x530 [ 1589.345307] ? __pfx_io_rsrc_buf_put+0x10/0x10 [ 1589.345951] io_sqe_buffers_register+0x13c/0x9c0 [ 1589.346594] ? __do_sys_io_uring_register+0x199/0x2210 [ 1589.347327] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1589.348037] ? __fget_files+0x270/0x480 [ 1589.348615] __do_sys_io_uring_register+0xfbd/0x2210 [ 1589.349328] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1589.350151] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1589.350976] ? fput+0x2f/0x1a0 [ 1589.351466] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1589.352221] ? ksys_write+0x1a7/0x260 [ 1589.352781] ? __pfx_ksys_write+0x10/0x10 [ 1589.353383] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1589.354143] do_syscall_64+0x3f/0x90 [ 1589.354677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1589.355422] RIP: 0033:0x7f5ad5d87b19 [ 1589.355952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.358284] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1589.359338] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1589.360312] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1589.361286] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.362252] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1589.363233] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1589.364236] [ 1589.387635] netlink: 228 bytes leftover after parsing attributes in process `syz-executor.7'. 19:38:25 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xd) 19:38:25 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 14) 19:38:25 executing program 7: shmget(0x3, 0x2000, 0x100, &(0x7f0000ffb000/0x2000)=nil) 19:38:25 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) dup2(r0, r1) 19:38:25 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:38:26 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 3) [ 1589.475676] loop5: detected capacity change from 0 to 96 [ 1589.490380] FAULT_INJECTION: forcing a failure. [ 1589.490380] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.491191] CPU: 0 PID: 9364 Comm: syz-executor.5 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1589.491722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.492258] Call Trace: [ 1589.492439] [ 1589.492597] dump_stack_lvl+0xc1/0xf0 [ 1589.492872] should_fail_ex+0x4b4/0x5b0 [ 1589.493157] ? security_inode_alloc+0x38/0x160 [ 1589.493468] should_failslab+0x9/0x20 [ 1589.493728] kmem_cache_alloc+0x5a/0x390 [ 1589.494020] security_inode_alloc+0x38/0x160 [ 1589.494322] inode_init_always+0xbb2/0xea0 [ 1589.494608] ? __init_rwsem+0x12d/0x1b0 [ 1589.494900] alloc_inode+0x84/0x240 [ 1589.495156] new_inode+0x25/0x1f0 [ 1589.495399] fat_build_inode+0x14e/0x2e0 [ 1589.495688] vfat_lookup+0x31b/0x560 [ 1589.495947] ? __pfx_vfat_lookup+0x10/0x10 [ 1589.496236] ? lock_is_held_type+0x9f/0x120 [ 1589.496543] ? __d_lookup+0x269/0x4a0 [ 1589.496809] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1589.497175] lookup_open.isra.0+0x74e/0x1400 [ 1589.497483] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1589.497808] ? __pfx_lock_acquire+0x10/0x10 [ 1589.498105] ? lockref_get_not_dead+0x6a/0x80 [ 1589.498433] path_openat+0x97c/0x2750 [ 1589.498704] ? __pfx_path_openat+0x10/0x10 [ 1589.499010] ? __create_object+0x3ee/0xc90 [ 1589.499317] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1589.499728] do_filp_open+0x1ba/0x410 [ 1589.500006] ? __pfx_do_filp_open+0x10/0x10 [ 1589.500313] ? expand_files+0x446/0x8e0 [ 1589.500600] ? find_held_lock+0x2c/0x110 [ 1589.500916] ? _raw_spin_unlock+0x1e/0x40 [ 1589.501222] ? alloc_fd+0x2eb/0x760 [ 1589.501496] do_sys_openat2+0x171/0x4c0 [ 1589.501780] ? __pfx_do_sys_openat2+0x10/0x10 [ 1589.502109] __x64_sys_openat+0x143/0x200 [ 1589.502405] ? __pfx___x64_sys_openat+0x10/0x10 [ 1589.502745] ? ksys_write+0x1a7/0x260 [ 1589.503051] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1589.503436] do_syscall_64+0x3f/0x90 [ 1589.503715] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1589.504082] RIP: 0033:0x7fa75b2ecb19 [ 1589.504346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.505598] RSP: 002b:00007fa758862188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1589.506132] RAX: ffffffffffffffda RBX: 00007fa75b3fff60 RCX: 00007fa75b2ecb19 [ 1589.506634] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1589.507129] RBP: 00007fa7588621d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.507619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1589.508107] R13: 00007ffc07f9a1bf R14: 00007fa758862300 R15: 0000000000022000 [ 1589.508619] [ 1589.525787] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:38:26 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) 19:38:26 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 8) [ 1589.573669] loop3: detected capacity change from 0 to 96 19:38:26 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xe) 19:38:26 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 12) [ 1589.588555] loop6: detected capacity change from 0 to 24 [ 1589.595442] FAULT_INJECTION: forcing a failure. [ 1589.595442] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1589.597113] CPU: 1 PID: 9377 Comm: syz-executor.3 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1589.598096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.599079] Call Trace: [ 1589.599400] [ 1589.599688] dump_stack_lvl+0xc1/0xf0 [ 1589.600181] should_fail_ex+0x4b4/0x5b0 [ 1589.600706] strncpy_from_user+0x38/0x3f0 [ 1589.601245] getname_flags.part.0+0x95/0x4f0 [ 1589.601824] ? rcu_read_lock_any_held+0x79/0xa0 [ 1589.602458] getname+0x92/0xe0 [ 1589.602903] do_sys_openat2+0xf9/0x4c0 [ 1589.603408] ? __pfx_do_sys_openat2+0x10/0x10 [ 1589.603988] __x64_sys_openat+0x143/0x200 [ 1589.604515] ? __pfx___x64_sys_openat+0x10/0x10 [ 1589.605111] ? ksys_write+0x1a7/0x260 [ 1589.605618] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1589.606304] do_syscall_64+0x3f/0x90 [ 1589.606795] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1589.607457] RIP: 0033:0x7f9775e68b19 [ 1589.607926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.610191] RSP: 002b:00007f97733de188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1589.611142] RAX: ffffffffffffffda RBX: 00007f9775f7bf60 RCX: 00007f9775e68b19 [ 1589.612025] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1589.612927] RBP: 00007f97733de1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.613793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1589.614649] R13: 00007ffc3b84d30f R14: 00007f97733de300 R15: 0000000000022000 [ 1589.615585] [ 1589.637713] FAULT_INJECTION: forcing a failure. [ 1589.637713] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.639196] CPU: 1 PID: 9379 Comm: syz-executor.6 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1589.640190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.641188] Call Trace: [ 1589.641518] [ 1589.641823] dump_stack_lvl+0xc1/0xf0 [ 1589.642319] should_fail_ex+0x4b4/0x5b0 [ 1589.642905] should_failslab+0x9/0x20 [ 1589.643403] kmem_cache_alloc_lru+0x6b/0x600 [ 1589.643994] ? __d_alloc+0x31/0x9c0 [ 1589.644496] __d_alloc+0x31/0x9c0 [ 1589.644973] d_alloc_parallel+0x10e/0x1640 [ 1589.645521] ? __d_lookup+0x247/0x4a0 [ 1589.646037] ? lock_release+0x1e3/0x680 [ 1589.646568] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1589.647328] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1589.647942] ? lock_is_held_type+0x9f/0x120 [ 1589.648510] ? __d_lookup+0x269/0x4a0 [ 1589.649008] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1589.649696] lookup_open.isra.0+0x912/0x1400 [ 1589.650259] ? find_held_lock+0x2c/0x110 [ 1589.650795] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1589.651408] ? __pfx_lock_acquire+0x10/0x10 [ 1589.651952] ? lockref_get_not_dead+0x6a/0x80 [ 1589.652552] path_openat+0x97c/0x2750 [ 1589.653053] ? __pfx_path_openat+0x10/0x10 [ 1589.653580] ? __create_object+0x3ee/0xc90 [ 1589.654123] do_filp_open+0x1ba/0x410 [ 1589.654602] ? __pfx_do_filp_open+0x10/0x10 [ 1589.655152] ? expand_files+0x446/0x8e0 [ 1589.655648] ? find_held_lock+0x2c/0x110 [ 1589.656170] ? do_raw_spin_lock+0x125/0x270 [ 1589.656701] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1589.657286] ? _raw_spin_unlock+0x1e/0x40 [ 1589.657809] ? alloc_fd+0x2eb/0x760 [ 1589.658275] do_sys_openat2+0x171/0x4c0 [ 1589.658792] ? __pfx_do_sys_openat2+0x10/0x10 [ 1589.659370] __x64_sys_openat+0x143/0x200 [ 1589.659884] ? __pfx___x64_sys_openat+0x10/0x10 [ 1589.660461] ? ksys_write+0x1a7/0x260 [ 1589.660957] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1589.661621] do_syscall_64+0x3f/0x90 [ 1589.662094] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1589.662728] RIP: 0033:0x7f2c48fdcb19 [ 1589.663197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.665342] RSP: 002b:00007f2c46552188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1589.666262] RAX: ffffffffffffffda RBX: 00007f2c490eff60 RCX: 00007f2c48fdcb19 [ 1589.667127] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1589.667982] RBP: 00007f2c465521d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.668836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1589.669687] R13: 00007ffdaa8dee9f R14: 00007f2c46552300 R15: 0000000000022000 [ 1589.670563] 19:38:40 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 9) 19:38:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:38:40 executing program 7: r0 = open$dir(&(0x7f0000000380)='./file0\x00', 0x2600, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0, {0x200}}, './file0\x00'}) execveat(r1, &(0x7f0000000440)='./file0/file0\x00', &(0x7f0000000680)=[&(0x7f0000000480)='@-$,a\x00', &(0x7f00000004c0)='veth0_virt_wifi\x00', &(0x7f0000000500)='!-,{$#-\\\x00', &(0x7f0000000540)='veth0_virt_wifi\x00', &(0x7f0000000580)='\x00', &(0x7f00000005c0)='!\x00', &(0x7f0000000600)='/\x00', &(0x7f0000000640)='/\\^\x00'], &(0x7f0000000780)=[&(0x7f00000006c0)='\x9e\x00', &(0x7f0000000700)='\xff\xff\xff\xff\xff\xff', &(0x7f0000000740)='\xff\xff\xff\xff\xff\xff'], 0x400) mknodat$loop(r0, &(0x7f00000003c0)='./file0\x00', 0x100, 0x0) sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x5, 0x0, 0x0, {0x5}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44010}, 0x4000) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmget(0x1, 0x2000, 0x200, &(0x7f0000ffc000/0x2000)=nil) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3f}}, './file0\x00'}) r3 = socket$packet(0x11, 0x3, 0x300) r4 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r4, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r4, 0xb) readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0) shmctl$IPC_RMID(r4, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r3, 0xf50f, 0x0) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000080)={r5, 0x1, 0x4, @broadcast}, 0x10) sendmsg$ETHTOOL_MSG_EEE_SET(r2, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000007c0)={0x154, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_EEE_MODES_OURS={0xf0, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4c, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x69}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '[\'\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x200}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '%\x00'}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x9b, 0x4, "86224e71f7ede092253be6627972df4cde997e75037736b90c6b915ab159575784adcc2f652e231c84b024083de79dcbf1901fd98e2c5835312706bbfe8039b84b979510f64330dd54012bc5e3cfe83c1ecf91577d788fa28e3b7d59d6cb5690bace8bfe31173e4ae18a714d10c3b83d35c3625d05f6ce531c40532669030a047d53d3c42a663e911a38af360e8d0d4e99fc4172ce145d"}]}, @ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0x1}, @ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_ENABLED={0x5}]}, 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x24008845) shmget(0x2, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) 19:38:40 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 13) 19:38:40 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) dup2(r0, r1) 19:38:40 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 15) 19:38:40 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 4) [ 1604.417903] loop3: detected capacity change from 0 to 96 [ 1604.425181] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:38:40 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xf) [ 1604.444366] loop5: detected capacity change from 0 to 96 [ 1604.449817] FAULT_INJECTION: forcing a failure. [ 1604.449817] name failslab, interval 1, probability 0, space 0, times 0 [ 1604.451303] CPU: 0 PID: 9396 Comm: syz-executor.3 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1604.451402] loop6: detected capacity change from 0 to 24 [ 1604.452320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1604.452341] Call Trace: [ 1604.452351] [ 1604.454401] dump_stack_lvl+0xc1/0xf0 [ 1604.454916] should_fail_ex+0x4b4/0x5b0 [ 1604.455473] ? __alloc_file+0x21/0x240 [ 1604.456002] should_failslab+0x9/0x20 [ 1604.456509] kmem_cache_alloc+0x5a/0x390 [ 1604.457063] __alloc_file+0x21/0x240 [ 1604.457572] alloc_empty_file+0x71/0x190 [ 1604.458112] path_openat+0xd8/0x2750 [ 1604.458618] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 1604.459351] ? __pfx_path_openat+0x10/0x10 [ 1604.459902] ? __create_object+0x3ee/0xc90 [ 1604.460465] do_filp_open+0x1ba/0x410 [ 1604.460966] ? __pfx_do_filp_open+0x10/0x10 [ 1604.461529] ? expand_files+0x446/0x8e0 [ 1604.462049] ? find_held_lock+0x2c/0x110 [ 1604.462580] ? alloc_fd+0x2eb/0x760 [ 1604.463073] ? lock_release+0x1e3/0x680 [ 1604.463613] ? do_raw_spin_lock+0x125/0x270 [ 1604.464174] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1604.464784] ? _raw_spin_unlock+0x1e/0x40 [ 1604.465340] ? alloc_fd+0x2eb/0x760 [ 1604.465841] do_sys_openat2+0x171/0x4c0 [ 1604.466360] ? __pfx_do_sys_openat2+0x10/0x10 [ 1604.466978] __x64_sys_openat+0x143/0x200 [ 1604.467519] ? __pfx___x64_sys_openat+0x10/0x10 [ 1604.468127] ? ksys_write+0x1a7/0x260 [ 1604.468638] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1604.469337] do_syscall_64+0x3f/0x90 [ 1604.469826] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1604.470500] RIP: 0033:0x7f9775e68b19 [ 1604.471007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1604.473239] RSP: 002b:00007f97733de188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1604.474197] RAX: ffffffffffffffda RBX: 00007f9775f7bf60 RCX: 00007f9775e68b19 [ 1604.475135] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1604.476021] RBP: 00007f97733de1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1604.476910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1604.477792] R13: 00007ffc3b84d30f R14: 00007f97733de300 R15: 0000000000022000 [ 1604.478709] 19:38:41 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) dup2(r0, r1) [ 1604.495902] FAULT_INJECTION: forcing a failure. [ 1604.495902] name failslab, interval 1, probability 0, space 0, times 0 [ 1604.496786] CPU: 1 PID: 9408 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1604.497368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1604.497938] Call Trace: [ 1604.498122] [ 1604.498292] dump_stack_lvl+0xc1/0xf0 [ 1604.498578] should_fail_ex+0x4b4/0x5b0 [ 1604.498885] should_failslab+0x9/0x20 [ 1604.499172] __kmem_cache_alloc_node+0x5b/0x310 [ 1604.499532] ? io_sqe_buffers_register+0x1bf/0x9c0 [ 1604.499884] ? io_rsrc_data_alloc+0x384/0x530 [ 1604.500220] ? io_sqe_buffers_register+0x1bf/0x9c0 [ 1604.500525] sit0: entered promiscuous mode [ 1604.500858] __kmalloc+0x4a/0x160 [ 1604.501136] io_sqe_buffers_register+0x1bf/0x9c0 [ 1604.501479] sit0: left promiscuous mode [ 1604.501488] ? __do_sys_io_uring_register+0x199/0x2210 [ 1604.501782] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1604.502835] __do_sys_io_uring_register+0xfbd/0x2210 [ 1604.503213] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1604.503640] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1604.504053] ? fput+0x2f/0x1a0 [ 1604.504305] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1604.504693] ? ksys_write+0x1a7/0x260 [ 1604.504976] ? __pfx_ksys_write+0x10/0x10 [ 1604.505284] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1604.505680] do_syscall_64+0x3f/0x90 [ 1604.505955] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1604.506327] RIP: 0033:0x7f5ad5d87b19 [ 1604.506593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1604.507858] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1604.508389] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1604.508892] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1604.509386] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1604.509892] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1604.510387] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1604.510899] 19:38:41 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1604.528471] sit0: entered promiscuous mode [ 1604.535130] sit0: left promiscuous mode 19:38:41 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 10) [ 1604.554819] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1604.583529] loop6: detected capacity change from 0 to 24 [ 1604.594581] FAULT_INJECTION: forcing a failure. [ 1604.594581] name failslab, interval 1, probability 0, space 0, times 0 [ 1604.595485] CPU: 1 PID: 9418 Comm: syz-executor.6 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1604.596064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1604.596630] Call Trace: [ 1604.596817] [ 1604.596985] dump_stack_lvl+0xc1/0xf0 [ 1604.597281] should_fail_ex+0x4b4/0x5b0 [ 1604.597583] ? fat_parse_long.constprop.0+0x8e9/0xb50 [ 1604.597961] should_failslab+0x9/0x20 19:38:41 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) [ 1604.598246] kmem_cache_alloc+0x5a/0x390 [ 1604.598757] ? __lock_acquire+0x1936/0x63b0 [ 1604.599083] fat_parse_long.constprop.0+0x8e9/0xb50 [ 1604.599426] ? lock_acquire+0x19a/0x4c0 19:38:41 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:38:41 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 16) [ 1604.599718] fat_search_long+0x384/0xdb0 [ 1604.600134] ? __pfx_fat_search_long+0x10/0x10 [ 1604.600455] ? __mutex_lock+0x12a1/0x1a30 [ 1604.600760] ? lock_release+0x1e3/0x680 [ 1604.601042] ? vfat_lookup+0xef/0x560 [ 1604.601324] ? d_alloc_parallel+0x7bc/0x1640 [ 1604.601646] vfat_lookup+0x245/0x560 [ 1604.601914] ? __pfx_vfat_lookup+0x10/0x10 [ 1604.602203] ? lock_is_held_type+0x9f/0x120 [ 1604.602515] ? __d_lookup+0x269/0x4a0 [ 1604.602788] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1604.603163] lookup_open.isra.0+0x74e/0x1400 [ 1604.603475] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1604.603808] ? __pfx_lock_acquire+0x10/0x10 [ 1604.604127] ? lockref_get_not_dead+0x6a/0x80 [ 1604.604484] path_openat+0x97c/0x2750 [ 1604.604779] ? __pfx_path_openat+0x10/0x10 [ 1604.605085] ? __create_object+0x3ee/0xc90 [ 1604.605401] do_filp_open+0x1ba/0x410 [ 1604.605680] ? __pfx_do_filp_open+0x10/0x10 [ 1604.605984] ? expand_files+0x446/0x8e0 [ 1604.606277] ? find_held_lock+0x2c/0x110 [ 1604.606571] ? do_raw_spin_lock+0x125/0x270 [ 1604.606878] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1604.607211] ? _raw_spin_unlock+0x1e/0x40 [ 1604.607510] ? alloc_fd+0x2eb/0x760 [ 1604.607780] do_sys_openat2+0x171/0x4c0 [ 1604.608070] ? __pfx_do_sys_openat2+0x10/0x10 [ 1604.608404] __x64_sys_openat+0x143/0x200 [ 1604.608709] ? __pfx___x64_sys_openat+0x10/0x10 [ 1604.609047] ? ksys_write+0x1a7/0x260 [ 1604.609337] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1604.609723] do_syscall_64+0x3f/0x90 [ 1604.609997] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1604.610376] RIP: 0033:0x7f2c48fdcb19 [ 1604.610634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1604.611907] RSP: 002b:00007f2c46552188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1604.612426] RAX: ffffffffffffffda RBX: 00007f2c490eff60 RCX: 00007f2c48fdcb19 [ 1604.612899] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1604.613370] RBP: 00007f2c465521d0 R08: 0000000000000000 R09: 0000000000000000 [ 1604.613853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1604.614334] R13: 00007ffdaa8dee9f R14: 00007f2c46552300 R15: 0000000000022000 [ 1604.614829] 19:38:41 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 5) 19:38:41 executing program 7: shmget(0x1, 0x3000, 0x54000a06, &(0x7f0000ffb000/0x3000)=nil) shmget(0x2, 0xa000, 0x40, &(0x7f0000ff5000/0xa000)=nil) shmget(0x1, 0x2000, 0x1, &(0x7f0000ffc000/0x2000)=nil) [ 1604.647771] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1604.652744] loop3: detected capacity change from 0 to 96 19:38:41 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 14) 19:38:41 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\b', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:38:41 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 6) 19:38:41 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 15) [ 1604.738899] loop3: detected capacity change from 0 to 96 [ 1604.749751] FAULT_INJECTION: forcing a failure. [ 1604.749751] name failslab, interval 1, probability 0, space 0, times 0 [ 1604.750514] CPU: 1 PID: 9435 Comm: syz-executor.3 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1604.751056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1604.751592] Call Trace: [ 1604.751777] [ 1604.751937] dump_stack_lvl+0xc1/0xf0 [ 1604.752204] should_fail_ex+0x4b4/0x5b0 [ 1604.752487] ? security_file_alloc+0x38/0x170 [ 1604.752795] should_failslab+0x9/0x20 [ 1604.753059] kmem_cache_alloc+0x5a/0x390 [ 1604.753353] security_file_alloc+0x38/0x170 [ 1604.753647] __alloc_file+0xb6/0x240 [ 1604.753919] alloc_empty_file+0x71/0x190 [ 1604.754202] path_openat+0xd8/0x2750 [ 1604.754471] ? __pfx_path_openat+0x10/0x10 [ 1604.754764] ? __create_object+0x3ee/0xc90 [ 1604.755081] do_filp_open+0x1ba/0x410 [ 1604.755352] ? __pfx_do_filp_open+0x10/0x10 [ 1604.755647] ? expand_files+0x446/0x8e0 [ 1604.755918] ? find_held_lock+0x2c/0x110 [ 1604.756197] ? alloc_fd+0x2eb/0x760 [ 1604.756447] ? lock_release+0x1e3/0x680 [ 1604.756732] ? do_raw_spin_lock+0x125/0x270 [ 1604.757025] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1604.757345] ? _raw_spin_unlock+0x1e/0x40 [ 1604.757636] ? alloc_fd+0x2eb/0x760 [ 1604.757896] do_sys_openat2+0x171/0x4c0 [ 1604.758171] ? __pfx_do_sys_openat2+0x10/0x10 [ 1604.758492] __x64_sys_openat+0x143/0x200 [ 1604.758773] ? __pfx___x64_sys_openat+0x10/0x10 [ 1604.759096] ? ksys_write+0x1a7/0x260 [ 1604.759366] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1604.759727] do_syscall_64+0x3f/0x90 [ 1604.759995] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1604.760344] RIP: 0033:0x7f9775e68b19 [ 1604.760595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1604.761760] RSP: 002b:00007f97733de188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1604.762259] RAX: ffffffffffffffda RBX: 00007f9775f7bf60 RCX: 00007f9775e68b19 [ 1604.762721] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1604.763195] RBP: 00007f97733de1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1604.763659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1604.764115] loop5: detected capacity change from 0 to 96 [ 1604.764123] R13: 00007ffc3b84d30f R14: 00007f97733de300 R15: 0000000000022000 [ 1604.764152] [ 1604.768039] FAULT_INJECTION: forcing a failure. [ 1604.768039] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1604.768817] CPU: 1 PID: 9437 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1604.769394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1604.769969] Call Trace: [ 1604.770166] [ 1604.770339] dump_stack_lvl+0xc1/0xf0 [ 1604.770625] should_fail_ex+0x4b4/0x5b0 [ 1604.770928] _copy_from_user+0x2e/0x180 [ 1604.771232] io_copy_iov+0xbf/0x1c0 [ 1604.771501] ? __pfx_io_copy_iov+0x10/0x10 [ 1604.771812] ? kasan_set_track+0x25/0x30 [ 1604.772109] ? __kasan_kmalloc+0x7f/0x90 [ 1604.772408] io_sqe_buffers_register+0x23c/0x9c0 [ 1604.772755] ? __do_sys_io_uring_register+0x199/0x2210 [ 1604.773145] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1604.773517] __do_sys_io_uring_register+0xfbd/0x2210 [ 1604.773884] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1604.774305] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1604.774727] ? fput+0x2f/0x1a0 [ 1604.774987] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1604.775377] ? ksys_write+0x1a7/0x260 [ 1604.775659] ? __pfx_ksys_write+0x10/0x10 [ 1604.775963] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1604.776354] do_syscall_64+0x3f/0x90 [ 1604.776632] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1604.777003] RIP: 0033:0x7f5ad5d87b19 [ 1604.777272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1604.778528] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1604.779080] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1604.779575] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1604.780075] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1604.780571] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1604.781066] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1604.781586] 19:38:54 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 11) 19:38:54 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 17) 19:38:54 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000001", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1617.732785] loop5: detected capacity change from 0 to 96 19:38:54 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:38:54 executing program 7: read$eventfd(0xffffffffffffffff, &(0x7f0000000000), 0x8) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r3, 0x5) readv(r3, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) openat(r5, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) io_submit(0x0, 0x2, &(0x7f0000000180)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0xe370, r0, &(0x7f0000000040)="488ad0d62061d5a4d437b8be8663df56d7c37c7d0dd37c01727d54f8", 0x1c, 0x40, 0x0, 0x1}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xc, 0x5, r3, &(0x7f00000000c0)="ed1c4fe564383711c20f0c28e635bb8778d92d1eb7c13f3feb0e1d409396d5e2d6b78e996e817c24e322aa47950c3629544e8f4ff4f50889a648780abe11c2fcdcf2436c0bc67305abfe944ed94c", 0x4e, 0xffff, 0x0, 0x0, r5}]) shmget(0x3, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:38:54 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x78000000, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x40}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffc000/0x3000)=nil, 0x0) 19:38:54 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 7) 19:38:54 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 16) [ 1617.783114] loop3: detected capacity change from 0 to 96 [ 1617.784301] FAULT_INJECTION: forcing a failure. [ 1617.784301] name failslab, interval 1, probability 0, space 0, times 0 [ 1617.785123] CPU: 0 PID: 9459 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1617.785668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1617.786205] Call Trace: [ 1617.786397] [ 1617.786554] dump_stack_lvl+0xc1/0xf0 [ 1617.786828] should_fail_ex+0x4b4/0x5b0 [ 1617.787116] should_failslab+0x9/0x20 [ 1617.787386] __kmem_cache_alloc_node+0x5b/0x310 [ 1617.787712] ? kvmalloc_node+0xaa/0x200 [ 1617.787992] ? __kasan_kmalloc+0x7f/0x90 [ 1617.788274] ? __kmalloc+0x5a/0x160 [ 1617.788545] ? kvmalloc_node+0xaa/0x200 [ 1617.788844] __kmalloc_node+0x4d/0x160 [ 1617.788944] loop6: detected capacity change from 0 to 24 [ 1617.789123] kvmalloc_node+0xaa/0x200 [ 1617.789152] io_pin_pages+0x78/0x4c0 [ 1617.790335] ? lock_release+0x1e3/0x680 [ 1617.790623] ? __pfx_lock_release+0x10/0x10 [ 1617.790927] io_sqe_buffer_register+0x151/0x1660 [ 1617.791277] ? _copy_from_user+0xff/0x180 [ 1617.791564] ? io_copy_iov+0xdf/0x1c0 [ 1617.791834] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 1617.792188] ? kasan_set_track+0x25/0x30 [ 1617.792471] ? __kasan_kmalloc+0x7f/0x90 [ 1617.792769] io_sqe_buffers_register+0x2ec/0x9c0 [ 1617.793107] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1617.793480] __do_sys_io_uring_register+0xfbd/0x2210 [ 1617.793832] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1617.794199] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1617.794584] do_syscall_64+0x3f/0x90 [ 1617.794844] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1617.795221] RIP: 0033:0x7f5ad5d87b19 [ 1617.795478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1617.796736] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1617.797271] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1617.797777] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1617.798273] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1617.798768] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1617.799277] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1617.799801] 19:38:54 executing program 7: shmget(0x0, 0x4000, 0x1000, &(0x7f0000ffc000/0x4000)=nil) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0xfd) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) mmap$perf(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000008, 0x50, r1, 0xff) 19:38:54 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 18) 19:38:54 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) [ 1617.854670] loop5: detected capacity change from 0 to 96 19:38:54 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:38:54 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 12) [ 1617.936387] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1617.965488] loop6: detected capacity change from 0 to 24 [ 1617.972879] FAULT_INJECTION: forcing a failure. [ 1617.972879] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1617.974326] CPU: 1 PID: 9477 Comm: syz-executor.6 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1617.975313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1617.976245] Call Trace: [ 1617.976563] [ 1617.976848] dump_stack_lvl+0xc1/0xf0 [ 1617.977331] should_fail_ex+0x4b4/0x5b0 [ 1617.977830] _copy_to_user+0x2e/0x150 [ 1617.978282] simple_read_from_buffer+0xd0/0x170 [ 1617.978844] proc_fail_nth_read+0x19c/0x230 [ 1617.979363] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1617.979927] ? security_file_permission+0xb5/0xe0 [ 1617.980503] vfs_read+0x260/0x940 [ 1617.980930] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1617.981495] ? __pfx_vfs_read+0x10/0x10 [ 1617.981981] ? __fget_files+0x270/0x480 [ 1617.982473] ksys_read+0x12b/0x260 [ 1617.982911] ? __pfx_ksys_read+0x10/0x10 [ 1617.983416] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1617.984053] do_syscall_64+0x3f/0x90 [ 1617.984519] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1617.985159] RIP: 0033:0x7f2c48f8f69c [ 1617.985619] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1617.987799] RSP: 002b:00007f2c46552170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1617.988692] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f2c48f8f69c [ 1617.989538] RDX: 000000000000000f RSI: 00007f2c465521e0 RDI: 0000000000000003 [ 1617.990404] RBP: 00007f2c465521d0 R08: 0000000000000000 R09: 0000000000000000 [ 1617.991253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1617.992096] R13: 00007ffdaa8dee9f R14: 00007f2c46552300 R15: 0000000000022000 [ 1617.992974] 19:39:07 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 8) 19:39:07 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 17) 19:39:07 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 19:39:07 executing program 4: shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget(0x3, 0x1000, 0x8, &(0x7f0000fff000/0x1000)=nil) shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffe000/0x2000)=nil) shmget(0x3, 0x4000, 0x1000, &(0x7f0000ffc000/0x4000)=nil) shmget(0x1, 0x4000, 0x10, &(0x7f0000ffc000/0x4000)=nil) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r2, 0xb) shmget$private(0x0, 0x3000, 0x100, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:39:07 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 19) 19:39:07 executing program 7: r0 = shmget(0x1, 0x1000, 0x10, &(0x7f0000ff8000/0x1000)=nil) shmat(r0, &(0x7f0000ff8000/0x4000)=nil, 0x2000) 19:39:07 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:39:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1630.784903] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1630.807792] loop5: detected capacity change from 0 to 96 [ 1630.811095] loop6: detected capacity change from 0 to 24 [ 1630.817538] loop3: detected capacity change from 0 to 96 19:39:07 executing program 7: getdents64(0xffffffffffffff9c, &(0x7f0000000000)=""/11, 0xb) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:39:07 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:39:07 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 18) 19:39:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:07 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x0) 19:39:07 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 9) 19:39:07 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 20) [ 1630.957677] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1630.980347] FAULT_INJECTION: forcing a failure. [ 1630.980347] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.981274] CPU: 1 PID: 9510 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1630.981854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1630.982447] Call Trace: [ 1630.982649] [ 1630.982855] dump_stack_lvl+0xc1/0xf0 [ 1630.983210] should_fail_ex+0x4b4/0x5b0 [ 1630.983613] should_failslab+0x9/0x20 [ 1630.983966] __kmem_cache_alloc_node+0x5b/0x310 [ 1630.984409] ? kvmalloc_node+0xaa/0x200 [ 1630.984792] ? kvmalloc_node+0xaa/0x200 [ 1630.985169] __kmalloc_node+0x4d/0x160 [ 1630.985545] kvmalloc_node+0xaa/0x200 [ 1630.985914] io_pin_pages+0x9c/0x4c0 [ 1630.986211] ? __pfx_lock_release+0x10/0x10 [ 1630.986546] io_sqe_buffer_register+0x151/0x1660 [ 1630.986930] ? _copy_from_user+0xff/0x180 [ 1630.987251] ? io_copy_iov+0xdf/0x1c0 [ 1630.987534] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 1630.987927] ? kasan_set_track+0x25/0x30 [ 1630.988230] ? __kasan_kmalloc+0x7f/0x90 [ 1630.988540] io_sqe_buffers_register+0x2ec/0x9c0 [ 1630.988907] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1630.989312] __do_sys_io_uring_register+0xfbd/0x2210 [ 1630.989690] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1630.990123] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1630.990551] ? fput+0x2f/0x1a0 [ 1630.990804] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1630.991261] ? ksys_write+0x1a7/0x260 [ 1630.991567] ? __pfx_ksys_write+0x10/0x10 [ 1630.991887] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1630.992284] do_syscall_64+0x3f/0x90 [ 1630.992564] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1630.992953] RIP: 0033:0x7f5ad5d87b19 [ 1630.993233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1630.994535] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1630.995091] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1630.995616] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1630.996134] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1630.996642] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1630.997150] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1630.997684] [ 1631.001241] loop3: detected capacity change from 0 to 96 [ 1631.006057] loop6: detected capacity change from 0 to 24 [ 1631.012541] loop5: detected capacity change from 0 to 96 19:39:20 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 19) 19:39:20 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:39:20 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x3, 0x0) 19:39:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:20 executing program 7: r0 = shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffc000/0x1000)=nil, 0x4000) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x4000) 19:39:20 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r1, 0x0) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:39:20 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 21) 19:39:20 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 10) [ 1644.061838] loop5: detected capacity change from 0 to 96 [ 1644.063505] loop6: detected capacity change from 0 to 24 [ 1644.070366] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1644.105442] loop3: detected capacity change from 0 to 96 19:39:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:20 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x4, 0x0) 19:39:20 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 22) [ 1644.137661] FAULT_INJECTION: forcing a failure. [ 1644.137661] name failslab, interval 1, probability 0, space 0, times 0 [ 1644.139599] CPU: 0 PID: 9542 Comm: syz-executor.3 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1644.140791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1644.141984] Call Trace: [ 1644.142380] [ 1644.142730] dump_stack_lvl+0xc1/0xf0 [ 1644.143321] should_fail_ex+0x4b4/0x5b0 [ 1644.143978] ? fat_parse_long.constprop.0+0x8e9/0xb50 [ 1644.144753] should_failslab+0x9/0x20 [ 1644.145337] kmem_cache_alloc+0x5a/0x390 [ 1644.145972] ? __lock_acquire+0x1936/0x63b0 [ 1644.146672] fat_parse_long.constprop.0+0x8e9/0xb50 [ 1644.147445] ? lock_acquire+0x19a/0x4c0 [ 1644.148132] fat_search_long+0x384/0xdb0 [ 1644.148674] ? __pfx_fat_search_long+0x10/0x10 [ 1644.149256] ? __mutex_lock+0x12a1/0x1a30 [ 1644.149802] ? lock_release+0x1e3/0x680 [ 1644.150323] ? vfat_lookup+0xef/0x560 [ 1644.150823] ? d_alloc_parallel+0x7bc/0x1640 [ 1644.151408] vfat_lookup+0x245/0x560 [ 1644.151903] ? __pfx_vfat_lookup+0x10/0x10 [ 1644.152433] ? lock_is_held_type+0x9f/0x120 [ 1644.152991] ? __d_lookup+0x269/0x4a0 [ 1644.153492] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1644.154154] lookup_open.isra.0+0x74e/0x1400 [ 1644.154713] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1644.155320] ? __pfx_lock_acquire+0x10/0x10 [ 1644.155882] ? lockref_get_not_dead+0x6a/0x80 [ 1644.156496] path_openat+0x97c/0x2750 [ 1644.156992] ? __pfx_path_openat+0x10/0x10 [ 1644.157516] ? __create_object+0x3ee/0xc90 [ 1644.158063] do_filp_open+0x1ba/0x410 [ 1644.158547] ? __pfx_do_filp_open+0x10/0x10 [ 1644.159086] ? expand_files+0x446/0x8e0 [ 1644.159600] ? find_held_lock+0x2c/0x110 [ 1644.160125] ? do_raw_spin_lock+0x125/0x270 [ 1644.160654] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1644.161240] ? _raw_spin_unlock+0x1e/0x40 [ 1644.161763] ? alloc_fd+0x2eb/0x760 [ 1644.162237] do_sys_openat2+0x171/0x4c0 [ 1644.162736] ? __pfx_do_sys_openat2+0x10/0x10 [ 1644.163315] __x64_sys_openat+0x143/0x200 [ 1644.163837] ? __pfx___x64_sys_openat+0x10/0x10 [ 1644.164420] ? ksys_write+0x1a7/0x260 [ 1644.164912] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1644.165570] do_syscall_64+0x3f/0x90 [ 1644.166037] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1644.166675] RIP: 0033:0x7f9775e68b19 [ 1644.167135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1644.168262] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1644.169280] RSP: 002b:00007f97733de188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1644.169316] RAX: ffffffffffffffda RBX: 00007f9775f7bf60 RCX: 00007f9775e68b19 [ 1644.171587] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1644.171882] loop6: detected capacity change from 0 to 24 [ 1644.172435] RBP: 00007f97733de1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1644.172456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1644.174447] R13: 00007ffc3b84d30f R14: 00007f97733de300 R15: 0000000000022000 [ 1644.175325] [ 1644.185561] loop5: detected capacity change from 0 to 96 19:39:20 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:39:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:20 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x0) 19:39:20 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 20) 19:39:20 executing program 7: shmget(0x1, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmget(0x0, 0xb000, 0x10, &(0x7f0000ff3000/0xb000)=nil) r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) fsmount(r2, 0x0, 0x71) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x80011, r1, 0x0) [ 1644.278397] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1644.287525] loop6: detected capacity change from 0 to 24 [ 1644.295627] FAULT_INJECTION: forcing a failure. [ 1644.295627] name failslab, interval 1, probability 0, space 0, times 0 [ 1644.297055] CPU: 0 PID: 9564 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1644.298024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1644.298992] Call Trace: [ 1644.299317] [ 1644.299621] dump_stack_lvl+0xc1/0xf0 [ 1644.300108] should_fail_ex+0x4b4/0x5b0 [ 1644.300633] should_failslab+0x9/0x20 [ 1644.301111] __kmem_cache_alloc_node+0x5b/0x310 [ 1644.301713] ? kvmalloc_node+0xaa/0x200 [ 1644.302228] ? __kmem_cache_free+0xd1/0x2f0 [ 1644.302788] ? kvmalloc_node+0xaa/0x200 [ 1644.303294] __kmalloc_node+0x4d/0x160 [ 1644.303817] kvmalloc_node+0xaa/0x200 [ 1644.304328] io_sqe_buffer_register+0x20d/0x1660 [ 1644.304940] ? _copy_from_user+0xff/0x180 [ 1644.305453] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 1644.306090] ? kasan_set_track+0x25/0x30 [ 1644.306596] ? __kasan_kmalloc+0x7f/0x90 [ 1644.307113] io_sqe_buffers_register+0x2ec/0x9c0 [ 1644.307738] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1644.308408] __do_sys_io_uring_register+0xfbd/0x2210 [ 1644.309036] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1644.309742] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1644.310451] ? fput+0x2f/0x1a0 [ 1644.310883] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1644.311554] ? ksys_write+0x1a7/0x260 [ 1644.312039] ? __pfx_ksys_write+0x10/0x10 [ 1644.312566] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1644.313225] do_syscall_64+0x3f/0x90 [ 1644.313693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1644.314324] RIP: 0033:0x7f5ad5d87b19 [ 1644.314782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1644.316898] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1644.317804] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1644.318648] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1644.319517] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1644.320367] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1644.321228] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1644.322098] [ 1656.006395] loop5: detected capacity change from 0 to 96 19:39:32 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 23) 19:39:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 11) 19:39:32 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x8) r0 = shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x2000) 19:39:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3cffffff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:32 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:39:32 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 21) [ 1656.020702] loop6: detected capacity change from 0 to 24 [ 1656.023301] loop3: detected capacity change from 0 to 96 19:39:32 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x3000) shmctl$SHM_LOCK(r1, 0xb) shmctl$SHM_INFO(r1, 0xe, &(0x7f0000000000)=""/4096) shmctl$SHM_LOCK(0x0, 0xb) shmget$private(0x0, 0x1000, 0x400, &(0x7f0000ffe000/0x1000)=nil) shmget$private(0x0, 0x2000, 0x4, &(0x7f0000ffe000/0x2000)=nil) 19:39:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf, 0x0) 19:39:32 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 12) 19:39:32 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x13, 0x0) 19:39:32 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 24) 19:39:32 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x1, &(0x7f0000ffe000/0x2000)=nil) shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:39:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3cffffff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:32 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:39:32 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 22) [ 1656.152498] loop5: detected capacity change from 0 to 96 [ 1656.155459] loop6: detected capacity change from 0 to 24 [ 1656.159821] loop3: detected capacity change from 0 to 96 [ 1656.203205] FAULT_INJECTION: forcing a failure. [ 1656.203205] name failslab, interval 1, probability 0, space 0, times 0 [ 1656.204820] CPU: 0 PID: 9598 Comm: syz-executor.3 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1656.205942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1656.207068] Call Trace: [ 1656.207439] [ 1656.207799] dump_stack_lvl+0xc1/0xf0 [ 1656.208364] should_fail_ex+0x4b4/0x5b0 [ 1656.208961] should_failslab+0x9/0x20 [ 1656.209501] kmem_cache_alloc_lru+0x6b/0x600 [ 1656.210145] ? fat_alloc_inode+0x27/0x1f0 [ 1656.210758] fat_alloc_inode+0x27/0x1f0 [ 1656.211340] ? __pfx_fat_alloc_inode+0x10/0x10 [ 1656.212028] alloc_inode+0x63/0x240 [ 1656.212559] new_inode+0x25/0x1f0 [ 1656.213073] fat_build_inode+0x14e/0x2e0 [ 1656.213676] vfat_lookup+0x31b/0x560 [ 1656.214223] ? __pfx_vfat_lookup+0x10/0x10 [ 1656.214820] ? lock_is_held_type+0x9f/0x120 [ 1656.215458] ? __d_lookup+0x269/0x4a0 [ 1656.216053] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1656.216817] lookup_open.isra.0+0x74e/0x1400 [ 1656.217458] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1656.218147] ? __pfx_lock_acquire+0x10/0x10 [ 1656.218771] ? lockref_get_not_dead+0x6a/0x80 [ 1656.219453] path_openat+0x97c/0x2750 [ 1656.220039] ? __pfx_path_openat+0x10/0x10 [ 1656.220635] ? __create_object+0x3ee/0xc90 [ 1656.221249] do_filp_open+0x1ba/0x410 [ 1656.221795] ? __pfx_do_filp_open+0x10/0x10 [ 1656.222404] ? expand_files+0x446/0x8e0 [ 1656.222960] ? find_held_lock+0x2c/0x110 [ 1656.223551] ? do_raw_spin_lock+0x125/0x270 [ 1656.224188] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1656.224860] ? _raw_spin_unlock+0x1e/0x40 [ 1656.225454] ? alloc_fd+0x2eb/0x760 [ 1656.225987] do_sys_openat2+0x171/0x4c0 [ 1656.226553] ? __pfx_do_sys_openat2+0x10/0x10 [ 1656.227205] __x64_sys_openat+0x143/0x200 [ 1656.227816] ? __pfx___x64_sys_openat+0x10/0x10 [ 1656.228466] ? ksys_write+0x1a7/0x260 [ 1656.229028] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1656.229779] do_syscall_64+0x3f/0x90 [ 1656.230313] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1656.231026] RIP: 0033:0x7f9775e68b19 [ 1656.231546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1656.233998] RSP: 002b:00007f97733de188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1656.235038] RAX: ffffffffffffffda RBX: 00007f9775f7bf60 RCX: 00007f9775e68b19 [ 1656.236037] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1656.237006] RBP: 00007f97733de1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1656.237974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1656.238944] R13: 00007ffc3b84d30f R14: 00007f97733de300 R15: 0000000000022000 [ 1656.239975] 19:39:32 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget(0x1, 0x3000, 0x40, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_RMID(r1, 0x0) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffffff}) shmat(r0, &(0x7f0000ffc000/0x3000)=nil, 0x2000) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ffb000/0x3000)=nil, 0x4000) 19:39:32 executing program 4: r0 = shmget$private(0x0, 0x3000, 0x40, &(0x7f0000ffd000/0x3000)=nil) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) shmget$private(0x0, 0x1000, 0x100, &(0x7f0000fff000/0x1000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) r1 = shmget(0x3, 0x3000, 0x100, &(0x7f0000ffd000/0x3000)=nil) shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x2000) 19:39:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c00e0ff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1656.313370] FAULT_INJECTION: forcing a failure. [ 1656.313370] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1656.315155] CPU: 0 PID: 9609 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1656.316405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1656.317615] Call Trace: [ 1656.318022] [ 1656.318383] dump_stack_lvl+0xc1/0xf0 [ 1656.318986] should_fail_ex+0x4b4/0x5b0 [ 1656.319650] _copy_from_user+0x2e/0x180 [ 1656.320272] io_copy_iov+0xbf/0x1c0 [ 1656.320848] ? __pfx_io_copy_iov+0x10/0x10 [ 1656.321504] ? kasan_set_track+0x25/0x30 [ 1656.322127] ? __kasan_kmalloc+0x7f/0x90 [ 1656.322768] io_sqe_buffers_register+0x23c/0x9c0 [ 1656.323520] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1656.324386] __do_sys_io_uring_register+0xfbd/0x2210 [ 1656.325176] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1656.326062] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1656.326945] ? fput+0x2f/0x1a0 [ 1656.327475] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1656.328313] ? ksys_write+0x1a7/0x260 [ 1656.328912] ? __pfx_ksys_write+0x10/0x10 [ 1656.329565] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1656.330392] do_syscall_64+0x3f/0x90 [ 1656.330976] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1656.331775] RIP: 0033:0x7f5ad5d87b19 [ 1656.332340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1656.334971] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1656.336115] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1656.337173] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1656.338219] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1656.339264] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1656.340325] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1656.341400] 19:39:44 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 25) 19:39:44 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x18, 0x0) 19:39:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c00f0ff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:44 executing program 4: ioctl$EXT4_IOC_GETSTATE(0xffffffffffffffff, 0x40046629, &(0x7f0000000000)) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) shmctl$SHM_LOCK(0x0, 0xb) 19:39:44 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:39:44 executing program 7: preadv2(0xffffffffffffffff, &(0x7f00000014c0)=[{&(0x7f0000000000)=""/206, 0xce}, {&(0x7f0000000100)=""/4096, 0x1000}, {&(0x7f0000001100)=""/22, 0x16}, {&(0x7f0000001140)=""/159, 0x9f}, {&(0x7f0000001200)=""/114, 0x72}, {&(0x7f0000001280)=""/240, 0xf0}, {&(0x7f0000001380)=""/32, 0x20}, {&(0x7f00000013c0)=""/172, 0xac}, {&(0x7f0000001480)=""/47, 0x2f}], 0x9, 0x1, 0x7, 0x19) shmget(0x2, 0xa000, 0x400, &(0x7f0000ff6000/0xa000)=nil) 19:39:44 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 23) 19:39:44 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 13) [ 1668.256930] loop6: detected capacity change from 0 to 24 [ 1668.270424] loop3: detected capacity change from 0 to 96 [ 1668.300151] FAULT_INJECTION: forcing a failure. [ 1668.300151] name failslab, interval 1, probability 0, space 0, times 0 [ 1668.300977] CPU: 1 PID: 9642 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1668.301521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1668.302054] Call Trace: [ 1668.302229] [ 1668.302388] dump_stack_lvl+0xc1/0xf0 [ 1668.302655] should_fail_ex+0x4b4/0x5b0 [ 1668.302947] should_failslab+0x9/0x20 [ 1668.303209] __kmem_cache_alloc_node+0x5b/0x310 [ 1668.303537] ? kvmalloc_node+0xaa/0x200 [ 1668.303830] ? kvmalloc_node+0xaa/0x200 [ 1668.304109] __kmalloc_node+0x4d/0x160 [ 1668.304384] kvmalloc_node+0xaa/0x200 [ 1668.304654] io_pin_pages+0x78/0x4c0 [ 1668.304912] ? lock_release+0x1e3/0x680 [ 1668.305196] ? __pfx_lock_release+0x10/0x10 [ 1668.305499] io_sqe_buffer_register+0x151/0x1660 [ 1668.305836] ? _copy_from_user+0xff/0x180 [ 1668.306119] ? io_copy_iov+0xdf/0x1c0 [ 1668.306383] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 1668.306734] ? kasan_set_track+0x25/0x30 [ 1668.307011] ? __kasan_kmalloc+0x7f/0x90 [ 1668.307291] io_sqe_buffers_register+0x2ec/0x9c0 [ 1668.307454] loop5: detected capacity change from 0 to 96 [ 1668.307616] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1668.308731] __do_sys_io_uring_register+0xfbd/0x2210 [ 1668.309076] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1668.309464] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1668.309869] ? fput+0x2f/0x1a0 [ 1668.310121] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1668.310504] ? ksys_write+0x1a7/0x260 [ 1668.310782] ? __pfx_ksys_write+0x10/0x10 [ 1668.311092] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1668.311466] do_syscall_64+0x3f/0x90 [ 1668.311734] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1668.312106] RIP: 0033:0x7f5ad5d87b19 [ 1668.312367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1668.313589] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1668.314112] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1668.314596] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1668.315091] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1668.315576] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1668.316072] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1668.316572] 19:39:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c7fffff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:44 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xcb, 0x0) [ 1668.364886] loop6: detected capacity change from 0 to 24 19:39:44 executing program 7: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) copy_file_range(r0, &(0x7f0000000000), r1, &(0x7f0000000040)=0x1, 0x4, 0x0) fsmount(r0, 0x1, 0x8c) shmget(0x1, 0x1000, 0x1, &(0x7f0000ffe000/0x1000)=nil) 19:39:44 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:39:44 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 14) [ 1668.412672] loop3: detected capacity change from 0 to 96 19:39:44 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 24) [ 1668.470906] FAULT_INJECTION: forcing a failure. [ 1668.470906] name failslab, interval 1, probability 0, space 0, times 0 [ 1668.472602] CPU: 0 PID: 9651 Comm: syz-executor.3 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1668.473744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1668.474902] Call Trace: [ 1668.475294] [ 1668.475645] dump_stack_lvl+0xc1/0xf0 [ 1668.476272] should_fail_ex+0x4b4/0x5b0 [ 1668.476895] ? security_inode_alloc+0x38/0x160 [ 1668.477566] should_failslab+0x9/0x20 [ 1668.478130] kmem_cache_alloc+0x5a/0x390 [ 1668.478755] security_inode_alloc+0x38/0x160 [ 1668.479404] inode_init_always+0xbb2/0xea0 [ 1668.480041] ? __init_rwsem+0x12d/0x1b0 [ 1668.480647] alloc_inode+0x84/0x240 [ 1668.481211] new_inode+0x25/0x1f0 [ 1668.481790] fat_build_inode+0x14e/0x2e0 [ 1668.482477] vfat_lookup+0x31b/0x560 [ 1668.483100] ? __pfx_vfat_lookup+0x10/0x10 [ 1668.483774] ? lock_is_held_type+0x9f/0x120 [ 1668.484509] ? __d_lookup+0x269/0x4a0 [ 1668.485130] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1668.486004] lookup_open.isra.0+0x74e/0x1400 [ 1668.486737] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1668.487540] ? __pfx_lock_acquire+0x10/0x10 [ 1668.488242] ? lockref_get_not_dead+0x6a/0x80 [ 1668.489013] path_openat+0x97c/0x2750 [ 1668.489668] ? __pfx_path_openat+0x10/0x10 [ 1668.490335] ? __create_object+0x3ee/0xc90 [ 1668.491023] do_filp_open+0x1ba/0x410 [ 1668.491634] ? __pfx_do_filp_open+0x10/0x10 [ 1668.492346] ? expand_files+0x446/0x8e0 [ 1668.492984] ? find_held_lock+0x2c/0x110 [ 1668.493651] ? do_raw_spin_lock+0x125/0x270 [ 1668.494322] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1668.495064] ? _raw_spin_unlock+0x1e/0x40 [ 1668.495718] ? alloc_fd+0x2eb/0x760 [ 1668.496343] do_sys_openat2+0x171/0x4c0 [ 1668.496991] ? __pfx_do_sys_openat2+0x10/0x10 [ 1668.497731] __x64_sys_openat+0x143/0x200 [ 1668.498379] ? __pfx___x64_sys_openat+0x10/0x10 [ 1668.499106] ? ksys_write+0x1a7/0x260 [ 1668.499740] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1668.500596] do_syscall_64+0x3f/0x90 [ 1668.501179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1668.501984] RIP: 0033:0x7f9775e68b19 [ 1668.502584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1668.505294] RSP: 002b:00007f97733de188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1668.506438] RAX: ffffffffffffffda RBX: 00007f9775f7bf60 RCX: 00007f9775e68b19 [ 1668.507521] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1668.508603] RBP: 00007f97733de1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1668.509675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1668.510737] R13: 00007ffc3b84d30f R14: 00007f97733de300 R15: 0000000000022000 [ 1668.511855] 19:39:56 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 25) 19:39:56 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c9effff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:39:56 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 15) 19:39:56 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf0, 0x0) 19:39:56 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 26) 19:39:56 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={0x0, @loopback, @private}, &(0x7f0000000240)=0xc) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000000)={'syztnl1\x00', r1, 0x2f, 0x4, 0x4, 0x3, 0x20, @local, @remote, 0x7800, 0x7, 0x3800000}}) r3 = open_tree(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x801) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r3, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0xa4, 0x0, 0x8, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010102}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x49}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}]}, 0xa4}, 0x1, 0x0, 0x0, 0x24004084}, 0x240000c0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'ip6gre0\x00', r2, 0x2f, 0xfc, 0x6, 0x0, 0x0, @empty, @private2, 0x8, 0x1, 0x6, 0x4}}) r4 = shmget$private(0x0, 0x1000, 0x54000004, &(0x7f0000ffd000/0x1000)=nil) shmat(r4, &(0x7f0000ffd000/0x2000)=nil, 0x5000) shmctl$SHM_LOCK(r4, 0xb) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x80, 0x2, 0x0, 0x2, 0x4c, 0x8000}, 0x20) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000480)={@mcast2, 0x63476e71, 0x2, 0x3, 0x2, 0x6, 0x32e8}, 0x20) setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000080)={r6, 0x1, 0x4, @broadcast}, 0x10) r7 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000080)={r8, 0x1, 0x4, @broadcast}, 0x10) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000180)={@private0, @empty, @mcast1, 0x1, 0xe5a, 0x1000, 0x500, 0x9, 0x88500148, r6}) shmctl$SHM_LOCK(0x0, 0xb) 19:39:56 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, 0xffffffffffffffff) 19:39:56 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) mincore(&(0x7f0000ff0000/0xa000)=nil, 0xa000, &(0x7f0000000000)=""/27) shmget(0x1, 0x4000, 0x200, &(0x7f0000ff8000/0x4000)=nil) [ 1679.582913] loop3: detected capacity change from 0 to 96 [ 1679.583959] loop5: detected capacity change from 0 to 96 [ 1679.591532] loop6: detected capacity change from 0 to 24 [ 1679.610633] FAULT_INJECTION: forcing a failure. [ 1679.610633] name failslab, interval 1, probability 0, space 0, times 0 [ 1679.612141] CPU: 1 PID: 9675 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1679.613188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1679.614220] Call Trace: [ 1679.614564] [ 1679.614867] dump_stack_lvl+0xc1/0xf0 [ 1679.615377] should_fail_ex+0x4b4/0x5b0 [ 1679.615951] should_failslab+0x9/0x20 [ 1679.616463] __kmem_cache_alloc_node+0x5b/0x310 [ 1679.617100] ? kvmalloc_node+0xaa/0x200 [ 1679.617648] ? kvmalloc_node+0xaa/0x200 [ 1679.618192] __kmalloc_node+0x4d/0x160 [ 1679.618729] kvmalloc_node+0xaa/0x200 [ 1679.619267] io_pin_pages+0x9c/0x4c0 [ 1679.619780] ? __pfx_lock_release+0x10/0x10 [ 1679.620400] io_sqe_buffer_register+0x151/0x1660 [ 1679.621074] ? _copy_from_user+0xff/0x180 [ 1679.621641] ? io_copy_iov+0xdf/0x1c0 [ 1679.622164] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 1679.622864] ? kasan_set_track+0x25/0x30 [ 1679.623420] ? __kasan_kmalloc+0x7f/0x90 [ 1679.623987] io_sqe_buffers_register+0x2ec/0x9c0 [ 1679.624658] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1679.625407] __do_sys_io_uring_register+0xfbd/0x2210 [ 1679.626103] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1679.626883] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1679.627665] ? fput+0x2f/0x1a0 [ 1679.628147] ? __pfx___do_sys_io_uring_register+0x10/0x10 19:39:56 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 16) [ 1679.628885] ? ksys_write+0x1a7/0x260 [ 1679.629573] ? __pfx_ksys_write+0x10/0x10 19:39:56 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 27) [ 1679.630159] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1679.630936] do_syscall_64+0x3f/0x90 19:39:56 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x207, 0x0) [ 1679.631459] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1679.632230] RIP: 0033:0x7f5ad5d87b19 [ 1679.632739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1679.635063] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1679.636069] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1679.636997] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1679.637924] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1679.638855] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1679.639785] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1679.640766] [ 1679.688997] loop6: detected capacity change from 0 to 24 [ 1679.691228] loop5: detected capacity change from 0 to 96 [ 1679.722637] loop3: detected capacity change from 0 to 96 [ 1679.748155] sit0: entered promiscuous mode 19:39:56 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, 0xffffffffffffffff) 19:39:56 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x4c, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20040010}, 0x51) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r1) sendmsg$IEEE802154_ASSOCIATE_RESP(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={0x14, r2, 0x1}, 0x14}}, 0x0) shmget(0x3, 0x3000, 0x800, &(0x7f0000ff9000/0x3000)=nil) 19:39:56 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3cf0ffff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1679.852499] sit0: left promiscuous mode [ 1679.863824] sit0: entered promiscuous mode [ 1679.864964] sit0: left promiscuous mode 19:40:08 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 26) 19:40:08 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x300, 0x0) 19:40:08 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(0x0, 0xb) shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x1000) shmctl$SHM_LOCK(0x0, 0xb) shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x2000) shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000380)=""/4096) 19:40:08 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 28) 19:40:08 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 17) 19:40:08 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, 0xffffffffffffffff) 19:40:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:40:08 executing program 7: sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x28}}, 0x40810) shmget(0x2, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000)="9698a52c8d", 0x5}, 0x68) shmat(r0, &(0x7f0000ffb000/0x3000)=nil, 0x5000) [ 1692.146348] loop3: detected capacity change from 0 to 96 [ 1692.179796] loop5: detected capacity change from 0 to 96 [ 1692.185687] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1692.196221] loop6: detected capacity change from 0 to 24 19:40:08 executing program 7: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x1, 0x0) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r4, 0x5) readv(r4, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) fsmount(r4, 0x0, 0x3) r5 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r5, 0x5) readv(r5, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_SURVEY(r5, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x9, 0x21}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x44084}, 0x1) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:40:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:40:08 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 29) 19:40:08 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 18) 19:40:08 executing program 2: r0 = epoll_create(0x4) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, r0) 19:40:08 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 27) 19:40:08 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x702, 0x0) [ 1692.294513] loop5: detected capacity change from 0 to 96 [ 1692.297198] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1692.323490] loop3: detected capacity change from 0 to 96 19:40:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1692.367511] FAULT_INJECTION: forcing a failure. [ 1692.367511] name failslab, interval 1, probability 0, space 0, times 0 [ 1692.368388] CPU: 0 PID: 9748 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1692.368881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1692.369378] Call Trace: [ 1692.369543] [ 1692.369691] dump_stack_lvl+0xc1/0xf0 [ 1692.369943] should_fail_ex+0x4b4/0x5b0 [ 1692.370214] should_failslab+0x9/0x20 [ 1692.370461] __kmem_cache_alloc_node+0x5b/0x310 [ 1692.370771] ? kvmalloc_node+0xaa/0x200 [ 1692.371033] ? __kmem_cache_free+0xd1/0x2f0 [ 1692.371317] ? kvmalloc_node+0xaa/0x200 [ 1692.371579] __kmalloc_node+0x4d/0x160 [ 1692.371842] kvmalloc_node+0xaa/0x200 [ 1692.372100] io_sqe_buffer_register+0x20d/0x1660 [ 1692.372443] ? _copy_from_user+0xff/0x180 [ 1692.372714] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 1692.373040] ? kasan_set_track+0x25/0x30 [ 1692.373301] ? __kasan_kmalloc+0x7f/0x90 [ 1692.373568] io_sqe_buffers_register+0x2ec/0x9c0 [ 1692.373878] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1692.374222] __do_sys_io_uring_register+0xfbd/0x2210 [ 1692.374545] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1692.374912] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1692.375280] ? fput+0x2f/0x1a0 [ 1692.375510] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1692.375853] ? ksys_write+0x1a7/0x260 [ 1692.376103] ? __pfx_ksys_write+0x10/0x10 [ 1692.376386] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1692.376733] do_syscall_64+0x3f/0x90 [ 1692.376978] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1692.377306] RIP: 0033:0x7f5ad5d87b19 [ 1692.377542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1692.378624] RSP: 002b:00007f5ad32fd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1692.379089] RAX: ffffffffffffffda RBX: 00007f5ad5e9af60 RCX: 00007f5ad5d87b19 [ 1692.379520] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1692.379953] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1692.380394] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1692.380825] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1692.381273] [ 1692.386208] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1692.399551] loop6: detected capacity change from 0 to 24 19:40:20 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf00, 0x0) 19:40:20 executing program 2: r0 = epoll_create(0x4) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, r0) 19:40:20 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 28) 19:40:20 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 19) [ 1704.280493] loop6: detected capacity change from 0 to 24 19:40:20 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r2 = getgid() setresgid(0xffffffffffffffff, r2, 0x0) r3 = getgid() setresgid(0xffffffffffffffff, r3, 0x0) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2, 0x0, r3, 0xffffffffffffffff, r2, 0x0, 0x8}, 0x0, 0x6, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) r4 = getgid() r5 = getgid() setresgid(0xffffffffffffffff, r5, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r6, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002c00)=[{{&(0x7f0000000040)=@abs, 0x6e, &(0x7f0000000540)=[{&(0x7f00000000c0)}, {&(0x7f0000000100)=""/34, 0x22}, {&(0x7f0000000140)=""/76, 0x4c}, {&(0x7f00000001c0)=""/63, 0x3f}, {&(0x7f0000000200)=""/54, 0x36}, {&(0x7f0000000240)=""/172, 0xac}, {&(0x7f0000000380)=""/63, 0x3f}, {&(0x7f00000003c0)=""/237, 0xed}, {&(0x7f00000004c0)=""/120, 0x78}], 0x9, &(0x7f0000000600)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}, {{&(0x7f0000000680)=@abs, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000700)=""/111, 0x6f}, {&(0x7f0000000780)=""/149, 0x95}, {&(0x7f0000000840)=""/12, 0xc}, {&(0x7f0000000880)=""/213, 0xd5}], 0x4, &(0x7f00000009c0)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x40}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000a00)=""/143, 0x8f}], 0x1, &(0x7f0000000b00)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x138}}, {{&(0x7f0000000c40)=@abs, 0x6e, &(0x7f00000010c0)=[{&(0x7f0000000cc0)=""/217, 0xd9}, {&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000e80)=""/105, 0x69}, {&(0x7f0000000f00)=""/245, 0xf5}, {&(0x7f0000001000)=""/154, 0x9a}], 0x5, &(0x7f0000001140)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}], 0x98}}, {{&(0x7f0000001200), 0x6e, &(0x7f0000001440)=[{&(0x7f0000001280)=""/212, 0xd4}, {&(0x7f0000001380)=""/190, 0xbe}], 0x2}}, {{&(0x7f0000001480)=@abs, 0x6e, &(0x7f0000002a40)=[{&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002500)=""/47, 0x2f}, {&(0x7f0000002540)=""/39, 0x27}, {&(0x7f0000002580)=""/169, 0xa9}, {&(0x7f0000002640)=""/50, 0x32}, {&(0x7f0000002680)=""/218, 0xda}, {&(0x7f0000002780)=""/104, 0x68}, {&(0x7f0000002800)=""/218, 0xda}, {&(0x7f0000002900)=""/8, 0x8}, {&(0x7f0000002940)=""/194, 0xc2}], 0xa, &(0x7f0000002b00)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000002b40)=@abs, 0x6e, &(0x7f0000002bc0)}}], 0x7, 0x0, 0x0) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000002dc0)={{0x3, 0x0, r5, r6, r7, 0x3}, 0x7, 0x7f, 0x4eaa, 0x8, 0x0, 0x0, 0x3ff}) setresgid(0xffffffffffffffff, r4, 0x0) setresgid(r4, r3, 0xee00) shmat(r1, &(0x7f0000fff000/0x1000)=nil, 0x5000) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:40:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:40:20 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 30) 19:40:20 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) mmap$perf(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x4010, 0xffffffffffffffff, 0x1) r0 = getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x46, 0x70, 0x4, 0x4, 0x0, 0x3f, 0x40000, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xffffffff, 0x0, @perf_bp, 0x14515, 0xffff, 0xff, 0x5, 0x1, 0x4, 0xc, 0x0, 0x8000, 0x0, 0x3f}, r0, 0xb, 0xffffffffffffffff, 0x1) [ 1704.307827] loop3: detected capacity change from 0 to 96 19:40:20 executing program 2: r0 = epoll_create(0x4) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, r0) 19:40:20 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x1300, 0x0) [ 1704.351468] loop5: detected capacity change from 0 to 96 [ 1704.354788] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:40:20 executing program 4: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:40:20 executing program 7: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ftruncate(r2, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) [ 1704.395232] loop6: detected capacity change from 0 to 24 19:40:20 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) (fail_nth: 29) 19:40:20 executing program 2: r0 = syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:40:20 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 20) 19:40:20 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 31) 19:40:20 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x1800, 0x0) [ 1704.466075] FAULT_INJECTION: forcing a failure. 19:40:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3cffffff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1704.466075] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1704.467864] CPU: 0 PID: 9789 Comm: syz-executor.0 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1704.468956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1704.470038] Call Trace: [ 1704.470393] [ 1704.470707] dump_stack_lvl+0xc1/0xf0 [ 1704.471244] should_fail_ex+0x4b4/0x5b0 [ 1704.471829] _copy_to_user+0x2e/0x150 [ 1704.472367] simple_read_from_buffer+0xd0/0x170 [ 1704.473021] proc_fail_nth_read+0x19c/0x230 [ 1704.473627] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1704.474285] ? security_file_permission+0xb5/0xe0 [ 1704.474965] vfs_read+0x260/0x940 [ 1704.475464] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1704.476122] ? __pfx_vfs_read+0x10/0x10 [ 1704.476709] ? __fget_files+0x270/0x480 [ 1704.477283] ksys_read+0x12b/0x260 [ 1704.477789] ? __pfx_ksys_read+0x10/0x10 [ 1704.478369] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1704.479102] do_syscall_64+0x3f/0x90 [ 1704.479630] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1704.480340] RIP: 0033:0x7f5ad5d3a69c [ 1704.480845] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1704.483203] RSP: 002b:00007f5ad32fd170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1704.484207] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5ad5d3a69c [ 1704.485156] RDX: 000000000000000f RSI: 00007f5ad32fd1e0 RDI: 0000000000000004 [ 1704.486092] RBP: 00007f5ad32fd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1704.487038] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 1704.487973] R13: 00007ffc02a38a5f R14: 00007f5ad32fd300 R15: 0000000000022000 [ 1704.488955] [ 1704.495326] loop3: detected capacity change from 0 to 96 [ 1704.510851] loop6: detected capacity change from 0 to 24 19:40:21 executing program 2: r0 = syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:40:21 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 21) 19:40:21 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x2000, 0x0) [ 1704.585174] loop5: detected capacity change from 0 to 96 19:40:21 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0xa000)=nil, 0x4000) shmctl$SHM_LOCK(0x0, 0xb) shmget(0x1, 0x3000, 0x1000, &(0x7f0000ff9000/0x3000)=nil) [ 1704.603787] loop3: detected capacity change from 0 to 96 19:40:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:40:21 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x3f00, 0x0) 19:40:21 executing program 2: r0 = syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:40:21 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000ffe000/0x1000)=nil) shmctl$IPC_RMID(r1, 0x0) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:40:21 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 32) 19:40:21 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 22) [ 1704.700178] loop6: detected capacity change from 0 to 24 [ 1704.719689] loop3: detected capacity change from 0 to 96 [ 1704.720124] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1704.761526] loop5: detected capacity change from 0 to 96 19:40:35 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:40:35 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 33) 19:40:35 executing program 2: r0 = syz_io_uring_setup(0x650f, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) [ 1719.408929] loop5: detected capacity change from 0 to 96 19:40:35 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xcb00, 0x0) 19:40:35 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmget$private(0x0, 0x1000, 0x200, &(0x7f0000ffe000/0x1000)=nil) shmctl$SHM_LOCK(r0, 0xb) 19:40:35 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 23) 19:40:35 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:40:35 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmget(0x3, 0x4000, 0x40, &(0x7f0000ffa000/0x4000)=nil) shmctl$SHM_LOCK(r1, 0xb) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=0x0) r3 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x3]}, 0x8) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x7f, 0x32, 0x0, 0x0, 0x0, 0x9, 0x2100, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x5}, 0x15, 0x7, 0x5, 0x1, 0x6, 0x4000000, 0x6, 0x0, 0x5, 0x0, 0x9}, r2, 0x9, r3, 0xb) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x4000) [ 1719.429627] loop6: detected capacity change from 0 to 24 [ 1719.440650] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1719.444831] loop3: detected capacity change from 0 to 96 19:40:36 executing program 2: r0 = syz_io_uring_setup(0x650f, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:40:36 executing program 4: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/block', 0x40007dd693414ef4, 0x1) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = openat(r2, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r3, 0x5) readv(r3, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r3, 0x9, 0xfffffffffffff801, 0x80}) r4 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r4, 0xb) ioctl$SNDRV_TIMER_IOCTL_STOP(r3, 0x54a1) fsmount(r1, 0x0, 0x79) shmctl$SHM_LOCK(0x0, 0xb) 19:40:36 executing program 7: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x1, 0xa) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r2, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) recvfrom(r2, &(0x7f0000000000)=""/206, 0xce, 0x40000120, &(0x7f0000000100)=@hci={0x1f, 0x2, 0x1}, 0x80) sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f00000012c0)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001280)={&(0x7f0000001180)={0xe0, 0x0, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x60, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x12bd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f1}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xd28}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x3f, @mcast2}}}}]}, @TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x20004410}, 0x40054) 19:40:36 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:40:36 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 34) [ 1719.614400] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1719.643973] loop5: detected capacity change from 0 to 96 [ 1732.473460] loop3: detected capacity change from 0 to 96 19:40:48 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 19:40:48 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:40:48 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x2, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:40:48 executing program 7: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x158, r0, 0x620, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x27e}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xd81}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffff334}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xdce}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x42b}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfdf1}]}, @TIPC_NLA_MEDIA={0xac, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x69fb6baf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x30}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x40}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffff80}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffff71}]}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x36}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1ff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x81}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x96}]}]}, 0x158}}, 0x10) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="43349c1d71d3a5e07cd6df2b7fccde4871057c6efb3e23a8583f8b06e8a78c4a087c445e03eccb926280eabb02de9e68526480a10b8249db57f0cafe358b3b346d5d5cc9b044f755cbcfc1de92fc23d86527c1afe7c5e2198bbb2a17c83d2b4425c862f62443d2aa65339b07f5305df22b0d841455ea60948561e067b18b42f6b16c731929240955283fc7683cbf313a585f7f92dd4ba6c8cc22c0be348c7017af87caa4953c477c2220c1122d2626e3727993334cc11a6e97686003bd602501a6e426c3", 0xc4}], 0x1, 0x0) shmget(0x1, 0x2000, 0x20, &(0x7f0000ffb000/0x2000)=nil) 19:40:48 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 24) 19:40:48 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf000, 0x0) 19:40:48 executing program 2: r0 = syz_io_uring_setup(0x650f, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:40:48 executing program 4: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) [ 1732.489924] loop6: detected capacity change from 0 to 24 [ 1732.499319] loop5: detected capacity change from 0 to 96 19:40:49 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x3, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1732.509891] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:40:49 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 25) 19:40:49 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10040, 0x0) 19:40:49 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x2, 0x0) [ 1732.607458] loop3: detected capacity change from 0 to 96 19:40:49 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:40:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:40:49 executing program 4: shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget(0x3, 0x4000, 0x200, &(0x7f0000ffc000/0x4000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x6000) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) [ 1732.631340] loop6: detected capacity change from 0 to 24 19:40:49 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x4, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1732.652713] loop5: detected capacity change from 0 to 96 19:40:49 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 26) [ 1732.682350] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:40:49 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x80000, 0x0) [ 1732.735889] loop3: detected capacity change from 0 to 96 [ 1732.752536] loop6: detected capacity change from 0 to 24 19:41:03 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) r1 = shmget$private(0x0, 0x4000, 0x20, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ff6000/0xa000)=nil, 0x3000) 19:41:03 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x3, 0x0) 19:41:03 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 27) 19:41:03 executing program 7: shmget(0x1, 0x3000, 0x4, &(0x7f0000a4c000/0x3000)=nil) mremap(&(0x7f0000a4e000/0x4000)=nil, 0x4000, 0x3000, 0x6, &(0x7f0000a4e000/0x3000)=nil) r0 = shmget(0x2, 0x4000, 0x1, &(0x7f0000a4d000/0x4000)=nil) shmat(r0, &(0x7f0000a51000/0x1000)=nil, 0x0) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) 19:41:03 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x5, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:41:03 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:03 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:41:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf0ffff, 0x0) [ 1746.611963] loop3: detected capacity change from 0 to 96 [ 1746.617598] loop5: detected capacity change from 0 to 96 [ 1746.617674] loop6: detected capacity change from 0 to 24 [ 1746.622089] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:41:03 executing program 7: r0 = shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_INFO(r0, 0x3, &(0x7f0000000000)=""/88) 19:41:03 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x1000000, 0x0) [ 1746.722819] loop6: detected capacity change from 0 to 24 [ 1760.880210] loop6: detected capacity change from 0 to 24 [ 1760.887378] loop5: detected capacity change from 0 to 96 [ 1760.902922] loop3: detected capacity change from 0 to 96 19:41:17 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x2000000, 0x0) 19:41:17 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x4, 0x0) 19:41:17 executing program 7: msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7) madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb) 19:41:17 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x6, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:41:17 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:41:17 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_INFO(r1, 0x3, &(0x7f0000000000)=""/7) shmat(r0, &(0x7f0000fff000/0x1000)=nil, 0x4000) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r2, 0xb) shmctl$SHM_LOCK(r2, 0xb) shmctl$SHM_LOCK(0x0, 0xb) r3 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r3, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r3, 0xb) shmat(r3, &(0x7f0000ffd000/0x3000)=nil, 0x4000) 19:41:17 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 28) [ 1760.908616] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:41:30 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 29) 19:41:30 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:41:30 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r1 = shmget$private(0x0, 0x2000, 0x80, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_STAT_ANY(r1, 0xf, &(0x7f0000000000)=""/118) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:41:30 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x3000000, 0x0) 19:41:30 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x7, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:41:30 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:30 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x5, 0x0) 19:41:30 executing program 7: recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002ac0)=[{{&(0x7f0000000000), 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000080)=""/84, 0x54}, {&(0x7f0000000100)=""/230, 0xe6}, {&(0x7f0000000200)=""/158, 0x9e}, {&(0x7f00000002c0)=""/166, 0xa6}, {&(0x7f0000000380)}, {&(0x7f00000003c0)=""/86, 0x56}, {&(0x7f0000000440)=""/110, 0x6e}, {&(0x7f00000004c0)=""/200, 0xc8}], 0x8, &(0x7f0000000640)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000000680), 0x6e, &(0x7f0000001b40)=[{&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000001700)=""/84, 0x54}, {&(0x7f0000001780)=""/99, 0x63}, {&(0x7f0000001800)=""/63, 0x3f}, {&(0x7f0000001840)=""/197, 0xc5}, {&(0x7f0000001940)=""/115, 0x73}, {&(0x7f00000019c0)=""/21, 0x15}, {&(0x7f0000001a00)=""/132, 0x84}, {&(0x7f0000001ac0)=""/64, 0x40}, {&(0x7f0000001b00)=""/39, 0x27}], 0xa, &(0x7f0000005080)=ANY=[@ANYBLOB="1c0000000000000001000000020000006768fcfb5a285b0dfce071690bd3506c702ee2a75f06346f5a88c8b1f0c51ff7a2943a9e89c9789c1fd53385aaac0a3276fd6e4ce60be5f583c950f237e901cd86690462ba16aea4a88134c21e70f18372ddc69b1cf4fc48c89f8d4b2c0fdf8e5cfd7e89aa175e3d1301256b352a4dce86fc8684f60b25a3f80e5b685602a4294dbbe44b6ef7dd80f660a21914e0c511bce950c790f4910843d21c5f1ae9d926f03996e386213e07", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x78}}, {{&(0x7f0000001c80), 0x6e, &(0x7f0000001e80)=[{&(0x7f0000001d00)=""/10, 0xa}, {&(0x7f0000001d40)=""/140, 0x8c}, {&(0x7f0000001e00)=""/85, 0x55}], 0x3, &(0x7f0000001ec0)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}}, {{0x0, 0x0, &(0x7f00000020c0)=[{&(0x7f0000001fc0)=""/115, 0x73}, {&(0x7f0000002040)=""/76, 0x4c}], 0x2, &(0x7f00000051c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000044a187fda1f12744f516196bfec8084e09492222be22040a7e0a8d7bddd840024d2759f8dbe22d9e0b4d8f8ced5e2038015d24a99ff8046080727e2ae76c599e37aa355876c1188e9b21edc0d7d0f5f2802309a94d5e6c853d84bbb503fa88a18d2a8a7a31127809b174e9530584b5cdf07850bdd21036640d6844bd39dd34219362b25e03f2022bea68e63d84f078ed640b1b83eb3fd03da4541f6b7a755e2f0b78ec9bd8c5eeedde1d0087d79f0467b3e5fea5592bb7f53bc061da8fdee7ebf49add244c41c1b45a7522cd92cb5eacf8b73c1d61809e2e1d1e442346e33d2999e84463851783436db5abff361ce53f45c3e786e828bb9152009e77e6405262def2d0909a237665611a92002e9d336afe0747161c4beeec7c699905fe17eea10388fb394c22f7d7f03290549bb0e9d1b0a8c9d0ed93c3b0b43117c0d8ad0fd6e7a8f50c932126adb17b354e4f67afa10e05c006d1be1d2638261e31e8e8d134e183eadd6eef1dc208644db3a71d5bbba18475fbccf1009fe4aa92bd876e3d33f739194bb431fbb5a5478cf50df4290f60d9dac728502e290a8e25539c8fdbd3cd74b15ec8e0388fbdf544eefb4fe0ac724584cf2061db8c4c6ee385f9ea7d352d847ba5c4c495a68d8c9475cf9f42bd334527383cbdea87c8a7759744874a70602c8a1a9ccdcd5d417b3d9a0db098af6451c96a3c30f541418938541f4fddeacce5df"], 0x50}}, {{&(0x7f0000002180), 0x6e, &(0x7f0000002200), 0x0, &(0x7f0000002240)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}}, {{0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002340)=""/6, 0x6}], 0x1, &(0x7f00000023c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}}, {{&(0x7f0000002440), 0x6e, &(0x7f0000002940)=[{&(0x7f00000024c0)=""/137, 0x89}, {&(0x7f0000002580)=""/21, 0x15}, {&(0x7f00000025c0)=""/143, 0x8f}, {&(0x7f0000002680)=""/127, 0x7f}, {&(0x7f0000002700)=""/166, 0xa6}, {&(0x7f00000027c0)=""/57, 0x39}, {&(0x7f0000002800)=""/238, 0xee}, {&(0x7f0000002900)}], 0x8, &(0x7f00000029c0)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}], 0x7, 0x0, &(0x7f0000002c80)={0x77359400}) fchown(0xffffffffffffffff, r3, 0x0) r8 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) r9 = fsmount(r8, 0x0, 0x0) openat(r9, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) r10 = socket$inet6(0xa, 0x3, 0x0) r11 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r11, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0) r12 = openat(r5, &(0x7f0000001c00)='./file1\x00', 0x1, 0x2) r13 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r13, 0x6, 0x0, 0x0, 0x0) r14 = fsmount(r13, 0x0, 0x0) openat(r14, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) sendmsg$GTP_CMD_DELPDP(r12, &(0x7f0000005440)={&(0x7f0000001c40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)={0x34, 0x0, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@GTPA_VERSION={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @GTPA_NET_NS_FD={0x8, 0x7, r14}, @GTPA_MS_ADDRESS={0x8, 0x5, @broadcast}]}, 0x34}, 0x1, 0x0, 0x0, 0x20044010}, 0x4000004) fsmount(r11, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) sendmmsg$unix(r9, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000004040)=[{&(0x7f0000002cc0)="60018c0320ddfc6d3dab662d17b78db18260a8178d667ebe1c2191d4b75369e685c4def1a4fd14cf65a3fdc9ceb630a8b4601802f95a1312a1ce256af64957db7601f4800b20f176c4e3e62b23226bcc11854478e1f67705ff4acfd3d436908f36f16e17997b", 0x66}, {&(0x7f0000002d40)="2d3b7f48342b1a0096c078feb251aa19f7a3627d5c468e78c69de97fc445d69a00ec7c3c2815711d9bf8d72618e9652c0a2fed3cf14694bb371493f62cd84c7f466b19a6568cbd11f1c4083da85c1de76456489fe47d5b4d3de1e943fce249b3bb00ee4024063c0bc555c3c0c9f69217eafdc9a51186baa582b96beaf5b32558", 0x80}, {&(0x7f0000002dc0)="9ffcb87d02dc5bb74b00ee423709a2b9337f25a704c39a4e5e6cb791a078874de92edd1b121040a0fc6e253cfe27fbb9a6e51bbee04f307ef0b7d5ab2035b228b4314c214a1090017b688d2514374c5e8d425147818887fb5f52a67a3f6f8d3b79bcca7a0a16b088fed5a8f649539268b664bf492d5b2c41c54a7b430f7612fbab73a49617a699105cb3d3b98ea84b214f18cb2cb7c204bddb822648b1ff299ce029dfb2d0a4b5245637351fe2d4177985ec4a", 0xb3}, {&(0x7f0000002e80)="faf9ee43fb4562edef06e2a81aa0296df145018af070fcb744deeb2310a1a2cd87457f4d6e09ea79b2679b90e2d1e1569c3ac1f00b39d9681756f80e8fe67181d463e8b39186e6d97ecfa53595f56d872a041e3193a74f693e3ebf5e65093eb01c232e3839b6436de856c3a5a0141502de756daf4da91f59ce5e3f7e29f613b9c991894fac312b28dadf4d3134eec4781f4e78bbecefd1b7cc2ee8ce6ac922ecbfb2634a2906261dd71e204d32b4581d1b9a88489f7d3cdab512e246232a7c9619d166fb43e6a2b080a91f431541a9d572baa844099765a04bc94f14592a5bf5983e0e7183385c8c711ad87fc0808ccfc4fd18ee94c717d76a20e5370455b3c524c04548adf902c9ff3a9bf0b85c67b2cfdcf06548fb8f32c0c43d7238519297848ac0c6fd709e38368c12173d1137634586f7d0f787018ddc30c4e11e5b987f3f1cfe06c6a539c6e4547f0d80ad826959fb7cd119be9016c7bac1ebca512c811a2131f77e13eeba83e5944b1c77fa02b85acc8a55201b99b5883b4001ed51f6ec21724ff900651f480f8345bb34bc687d895a7fe2c41c28f280f0d3ecd9707ee309432ce04421976b6c2aa14c6da67ea30bb3528c6010c9d60b9e46f53678f36b7a0640d93ff5c3289f41c062363bbd37163f8b37410d9e6a278f3b01f691da5463717df02acc17c9fffb9b35a33aebf613a69b969770a8ebff5d2ac6420914cb2450be68d337a412e3dcb0b20f6c644e2295ed3ef74d9431b69e5a3ae6b794f394266ba95871a22d6b37e2094ff72ca7e03e947f8b18e95a85a5de43f5d33c2121091d19a9872a29bc59a393efff4da496543426a97a503f6a40c9efed037c62473e77177bab801da962db8cf3be1ec61bab21677aca33996f08a5ecbf44824737a73a94409acd0151181e12e344ee30ae117d88d3687c75401e122b2cb591cc653cec06c89d9af898b586c859609b82023bd7d430ae60d52acb8fab8a1dc3a1d243ed08cfcef81f99b13f5a0a395668d92a53e9f899c422671e6ab676ef044ec066ecbd636ae87eb759c429c66eb028cd1f5d6cc1e19945b2ce6565588ffa9e5a5ecfa1bdb548c70b4d8fde1f5f24ae546cf03ba4aeedb7f42affda2fa58636b41ed9d4e1a7cd3e50f9b49ce3bc2a4e9cd930030ef9bc6c7c80910c6445906ab551c1cddc1889043304665fd0c5983a390f9de53080f24a0ff35df947b4230eeade012d28727a8bdb5bf925579fd25952ad8672a7ae6c455a1c9b2d1f8a42a987e2a89105b301c0ac8646b624238a093f089fc295ce76fec5323779aa62830b2fb5d823c2994dd1f44e9ebfae960f8c493756aa96df6454b9847fd7f5db7abcb3f9b9eac2eb32466a76e706a58cd61d6d5c990e236984805adab22cac012678db2823544e18e2d3a5adda9e73df6d8ea94048b0d98b5d686f8a459d9a4451b96cf900a28e584d056f531ad30bd6330551adea30b2868b53665142c65712cb9eb59446303068d78cf8b58c3516ecdc9d7640561ae27f12f5cd8bfbaa2ebd108ebf19c95acf25c3bc6718b53446503ca41051e8583d850389625dcba868e491bd8bf878711cd592d527bfa66d65ac0346a4d81df97abda3302a3595e0ddeb93677fbe56dfe44adcd87d3c26eb254b3222e71c6234aaef0d86668ac93c8a6144ab125d21484ac0f8335769c62679f707195f63db819d13d9b712be3d8cc32bf856cac04fd15617fc0eb79511729513a29667d46134b5f684a14e0f62a64b28d40ec5a8f1d9a8f16ad59978ec96719a32d48a58b1f6bccb8d23f1b7d9075404abd2cb9546114e7484f51ef5539ffe35c653f543cd3051ee2e77d0fffea4f0ce7805493fb5b9ffaaa62504a5ab4d00ae7ba4c9087e3fcaf48a3faa626c02251b3b9d0362feb984cafdc94e92b4c119dee5ddad1d868a3c686b758acd7d0ec440ef9702e0f3a50e854c0ed6f23ceb088d92e52a7b331c1f098c8700269ad513ebe2b7657dacfea148fbf32aded2789c08392f40b0c164d8a0b658580e488b31b5b5e774a9e93e4d34f4408bcce99a01229b7ebbaf4252c93c0a0726b5620dda9d06f1f7619103f4189eb4130ce4942b96844b035133f680c25c562b53c230fdd8bc2a79106667e7b6b6302795c687c9d5311316656b87a81ff03007d0f297f9f4a6628a627b74900a9d82719077879d6390f50a213fddf1b3c93d7a9dcd497b79f17a4dae2e901c833598edb706a431c7ece662e24dd922832b0000b7d2574f262756cdec5dcd57acc82fec8401dfe292a9e4de4c13d845e2336c5494304e056a9852d7adbf14e3896edbc9a4a088e5f7464144ec11a52c99d9b26018b993fed32c477970ac6485f795853c8d5cb1c2ef8859f8bb978e7eb33ec97f25890036ac97f949090a908a9c5d1d710e438fdc6e59c6395d0227c350bd579d5775527f92e0267733215e285c1231c7cd22c7badde4aaca145b0cc09749c9eaa8ecc17fbffd0409593017415c9bd993523ee77b2ffba446db451156f53d1dbbf1d150e90e80437038aeb647a0524799cef66c8f000e06c565e4198769c1af41af1c3bb396ba5bb55af396f5edc181d28b10635d1d10584faee3e386a12583a8505e51cd05d5b18f53bcf6cb8d59c479ec4d43f281fbb1ae7fe31a99e4cfbae7c58b56e38d657479255e614cc9d75162a8342e83ccbe8d95a4de110311003edbc84991575dfd8f80faa61150d2bfdd580b66b9427978f550f7af76590f3640e8a89081ccfd8d8cbcf6751c597b7d8c5b34e7a2df1c8a4516cf9446f9f612e7eaee1c07d0cb055ba62c0210ad105e9349da427ddf12780aa2aa504168b5e3135861a235b39d9549277613fc55bc8b73a8bc2188cab9ee3eb4cbbe09b8f7b5f3e8dcdd709c31166f4d301992454b36c8eaa58cd373848d3bf3b28b77f352a779fcfbdbd10995f205675769d831261dd5bb254448d137e1bdace95173595244edd494bc0d3b1a478969b515cb9a3dd24d196ed82826fe18eb16fbda6415bbbd61946c84473799e385142af373243667414a5f4d28ba74837096b9034f14160651ef30f2afa875460b3cc434fb9538aaeef6e16d7a5843445f72cdd4c8957cd3bf952a63b5df69d046e1aec50622223e22c4ea88721476e26cd9cfcebafe8ce8d1218b82ed0d776e61f3d6e478d067d1dc8c8a7702ff160c4a47b8d22faa86c3bfac026e40510b5af17a4e0fd538fe3a20a0b51265253cf68e05bf0591b093850a9931bc583561b23747bf5c49a6151426012b6cb9def5f750cc4f57dde303a2d41f5ff70b6653ab046e1411b3d305846f461fc395afed3fbc1ac2642a707bf0077da7e7c407cf3ceb17dd0192cff42cd83f137c383c36bf8e64aec66cc0d75a8d3eeabec136a7428924c4b122056803562f8bd81347459fa9eaf8437bdce5e5a8f0669a00be74cf38ca8950f83dd697d9ddff934fcdb9cd95ba1fa7ba9cbabc533e54333a7f2df4d3b32fc3a056ee404dace36d5636db1b7fc5c5c85eebf2dc26e850416b0079ea5c9137301b84d6dd4b7a55ba06b9cb050406d2e7e789d0a6aca4d51bce60fca68d45edc9220169641bca13bcb0baca00abe92ac569e46e3e23c93036df62b3c8b2857adc5e0d2d20e13f81d49c74c0a7c906dc06553fb8fdff141e323c85e3519e7ccf5f04ed4296ecae62ddd61dde5d4eafbf567968b718ddd0e9557732453767332ebfb9e6fbef98c49f30b27df50df1b6d6e7b98985e714b41d83186953a60cbe7e410cb8f79f4432cabe3246c3e2353caf3ca474ace200520b5ce2a83a4b070054d075a2fabaa1ce34af6c38a0327c221bfda94a82c46b6e990dce6a1542374bd0ea42f76e07d5c1177c593998190bce8e94d95c134fd5b9312aa5ef1a602fa9b938ec94533327853679fbe083ea8116948745318b28cc7b6c05637bffd742c93acd7c2034bf9c8e12507311a45c185b19b65e9fd529f9452ec99c1a8a10e259ae30e88b2391030d51a34b55451fa2825435dbeaf6ff416dc16ee114e3219a9feb54d6bd11948a898b213253922e98564ffe098ab00143ef1ca22fe277d0d89dbe948e78a3d7b992e34f7ab329d33c2738bf6f4d6c0689c981f76513302d55b0131f8dcf9dabe93f21d7610e60a3735c155b240f5bcbbfa42ad52485f2c8514a4d630faaf91b291f16a00bcfe8f766ca647e41f092023848b5f8b63b758c495a23adcd9d775a047fead14a0529a3a7e5123dab1952fc46c080d8b3017b223dd080b099425f6a7f60924472eb8fc34b27ec3415d27afc248e20373870b0bcb40a668dc41cc96406cc0fbcd21c4995916170f56937dd87fef0c14dd0a106770f471fb90c4de022d6dcb385ff773609d5a7210c1cda68497a534ebda3c540a1b0d9b36fb9b2c7417a9628c827ad19e8286c87d2dea763be3960a55a812ef91f738620720073eecccb56abcd5cf9e222b902622779fdb6c6a0eac9c3b12d7cdc58b70396cc9d6d4e450a9e1d6c25bbf93432b6685f46cd9cc008725e5c455fff2042bc1a4966a6477a218101f303e2407710a0c7cbc7c3d6ec12748ed35107502a94891e653ddf2bc6d8796776ac4966431f41dd3652848b0f2102023b9dab366126271ef5a2b8962f107fb21e77e4b05eed0c252546245fbd8abd74edac3696c49ff861d7108d1bca583d8c70d8a22cded0070fd747e035d2a0d9de26e85f80e0624cb3edd83eb349156d1b8669ba11469ddbf816209cb5dc070658741ad765b28fe00ea16f0e8fcfb1cd4a9d26afc1b74561f8a144da94bde79c8b4427845cb1623904f31266004d4cb1196b258a127a8c3d7e11d59de812fa1f47e8e709c57b68334bb39c8fbad3f18d1418f74d1e5eacecdf81c29daebb07787f31504755981f868d2671da58264b29a4b1ee73f8556f41c6a5f967e93796c3b0e36ad3bbde36a52f3f6e9e7c68d062ef41fc2444776354f96bd14469f547d0de7ba6d99f17563fcfadd4fd6ecb31f964109c411f9276824b2e506e783a59e6a338103f35fbac501ccf1e624d7ed32ac944d5a49d60291e3a526a12c5648051f3c8e565eb87027dd5ac4fa1e4b4bd7223e34f8b0766f29ff7cc3fd48474c9ed201c028bf7e1c74d753b758a1b166e4c784304dd228d9fc4f6e01b6c321defe805ba4ee364cc1ed226146aa9e160cca36fa88ebc16bd2258a33bd19a64f10f9981ba719d9a5a99464acbf1f773c4c57f1fbe1ef0df6d9d7550251be60a0d22af30d95998fdf8111ca69148041744e4d0a02d4b386fc220f264348a3013b9cca6aad3ab0ee67f75e1413a94c5333fe36420aac68d8dbd415e1e2cf6353f663194141dbed87dfb7bfa2197d8208a7393643d04379f0dd1cebf9f157a71bd763d8f55a9709b61614f91cbb2d498e899bc5bd9a71b51b6469c731be393f44e60f361fe1a4b25ce32ea4783773295d89edde7c79f124ca80bc8dfb42731dab106b6bfadc18f85ec2d8d11949a85d60495f37c0c9700b3eae4eeec72bb60d447a5d4e339257a9aa1c285019b066d36368b5b7c58dd5c7bc134d42daa6df59f7c813aaaca57080e9d780ad5457c7984e3795e2b20ea7582e43736925c6a68a7d47bcb1ef4399683a36e4eab16c034aab6bbda6c4c57881a5043590abdea6cddc1fee07015c7b1a7ead2fc24e5779a8b7d606ae511cf5ebe8973bcf4f217d77cd72e5f2a4c07b48c09f5f18c11bbbcb00931f445ac0b6add372ae85a7be43486dc92ec13958d4b8c382d575be511efd397099fe241441c68f1d0a31536c519bdd07e5d6d3e447ad62f", 0x1000}, {&(0x7f0000003e80)="b38a820f5c1fc2e2a3fb3f909d3286e3b355bb9b8a1f6ebb636e79b163fe4b978c88259fa5e2ff1bd04a02ae1863afd93fe508fd105e7c97b41dd636ae96350abc911dad531bd09d270fc918facae1c0540618339ab6dc4e443e424802c3b1a9daf90fd95339f35d8e19e20f75901802a18451fef8ad677f4822766c64ab85abced2f484be42c74362f817b9104232448c312c66c8a5a3df279b3aede66e157f1f28944d3d8ea14f18a384c8650c2aa05fb612fe7c8cf9eba0836df81823ba06c0e30e4b409dae7ee96af8", 0xcb}, {&(0x7f0000003f80)="6b41b22da1c6be2be0241f06a468d548468eebc4e84bcbc0628d40e0c6bb4f581fbc8f7041038c64af49b5ed5303e767b2e550ca8b4dfdb3e37d1705d20793704b0af8a9bfc2768eb3d6ff62d4bc8b182ca77b8b76450f1e84acbf9a0d868231bdebad07fae315e37155c441e5631068f47b8b147ef096cdb9563ecf6f8d7d4a0950ee4f856c0e477dcfb87334984ae4126537869bf1d1789ea4ee568aeb54caa366d10bd3c0df", 0xa7}], 0x6, &(0x7f0000000380)=[@rights={{0x14, 0x1, 0x1, [r4]}}, @cred={{0x1c, 0x1, 0x2, {r0, r2, r1}}}], 0x38, 0x24000880}}, {{&(0x7f00000040c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000004740)=[{&(0x7f0000004140)="396ba721b122416fe26f1cd93bf578dab819d6150651304eb61670298be3c60cbca3b87fee9b0247538101e6d7578199982d7ba820f5ab2f53047958a1aa49ac307755f288b18d4b7d053429fbbf63f649c11913abdc77a45ca4fc2746637b5cde2f85cc91dbfd84fd5cc5b45ac8f36bd360e2693f0be7", 0x77}, {&(0x7f00000041c0)="8baf1252d7fc3119390b2746b3da8ca3fc9dda92ecb4c6b399e1a9d734b47d2a40a5d24e6ff33af79ab8a59e7a6915bddb715fe28bd12921cbf703d1cad0c8c5baf3222611403402126708ede99f6230eff6aa79a3de25c9eb21cdb833eddce192a5246bb31082de91ed7f83f6865d538983dcfa58fb304e1032f58d835d5798d4632d0319ce72663a00cc18bfd36476b9fced1b49c2d5c785893127b2597284f46dd833a2df5900", 0xa8}, {&(0x7f0000004280)="6afcb6fa84e865ae49258e501e9bcf39ffde348bdfb32d4da0fd2578bfc8b6950764c0ae722c0da5df38ebfc491ad9bbedbeb7ebddbc4628774c5de1ea44860cc30031aa1d880b72870029dbc79a7d5f8a8268c6af89677b18f4d48ff26686d115542e025d6c74fade123a8971fa00c6769fd3971c143da066f69cfe7ca0ede5913e", 0x82}, {&(0x7f0000004340)="f5cbf3cf01527152fd6dc0390fc5740e679b33d6703fa829839fb48feaf77843513038324595ecf39c20ee8b1fa78a0f37e9d9c05d1533ea0bd085de20276968f51095ba386c66c0ad007bfdce00d74ca30fefea42d6cae8c245ca3f7296c28e1f6f55ff7bb77260bcc4ec20e3633935818dbccd254263f4e625596e2a54060fab4fc26c1fcb53704910acd4bd94ae60b38fa2d9db4c90b9fb2f88b5962303d6d91b903fc31f213644deb2b6c300809b86f41e74567157a36accfbfc5da02708b7f73ca1520476b7004ad73c12", 0xcd}, {&(0x7f0000002200)="4614ee3993bccc9447891961d1d5eac79661bffdb18d020b9b877b", 0x1b}, {&(0x7f0000004440)="327cb60d1e448a42b2de6483b153c21cd8cc4610fd045c3f5e17904bca5c359a8b96f53b2e6e2ce082f71e8e48bebe0d223ac2c1642741449f8a93c3ab9b035c9f04f26482102e76af26ffc466a265ac4b87ad117bc67523c8cdcbb4a7b9929e52a90ec85f05ae73640179539ff567e3bdb3bd02f27bbc6bf895dfc61795103b5c7d814196663fafb985c8c5b2d6c04593282c2c0760ac4b0c4e15b3de8c5c073599b4cfba767c", 0xa7}, {&(0x7f0000004500)="5dc894a25b1be838e48f8afad40b9aa0ecf1bc0c12edbbd73a061fa90d35855b3710f7728927763997730f67372c39dd2d9bf3ae56cf241b758f2bde80ac04b20483b5d3f20c3b3080f55d14c8e4db68638189f8965db59df5e301bd222a4ccac2308fdf3ef3195f8a5bec562f878bcdb81f706f0baef994126e8749623e2aa29d9c0fca8de0b714a168c32f9808a71d747e18cb2684bcaca23eda58fbd037061064d8ffc906ba0b78ed42954bb7e8aa26c53b0576fdc85fc44e787163749f68bab046e6a02c6c47740197615720c5616e3a8dafbbdcf2254ef0d862bb64957c35935501", 0xe4}, {&(0x7f0000004600)="aeaeba73dbfb2ca356a5b750d27d4b55cb1106ed6475e035171f9a91feb4c56f2ba94a8af3e3e26357e4d8c662a333678b48d47accd19ff35de6b6302fa3d57cda478f059a61809642202331dad5c25df8c6544134a99a211f03860a1e025ddecf6a38fc4baad31c4dc3b0577368a16deec022ce3860589dd797ec36201b", 0x7e}, {&(0x7f0000004680)="b98522c5dc436191a974e652dfbe8ea053a8d043c8872af69ab41bce1033b6b18c4f10da4dd9f62aed75d92181d5fbfe2890a156ec659cefa78ee0eaa1104c520d623b8be5fddcd28d8ce21da7fc8270189631cdd7fd964c2dd819fd224ec90e70c152d5b1c18b2fb4850c7b812cc26183a36fc441da17e4f0b7f84bbcdd16b4e6b21719a75bee283fe02e595d2b", 0x8e}, {&(0x7f0000002900)="31caa252aa53a21b0c5ab67ec9d202dc8ccc", 0x12}], 0xa, 0x0, 0x0, 0x80}}, {{&(0x7f0000004800)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000004ec0)=[{&(0x7f0000004880)="4661e6248d3a503638c935d323fe4b406aff52fd1cddf5454a1b065f07d3f9f11f69eb8925cdb4ed80b6e836d2e1", 0x2e}, {&(0x7f00000048c0)="37f6939f25ae79ed54b87a165853b28e50da517d4b1da244fbf989c854f9490dd7716f95d8", 0x25}, {&(0x7f0000004900)="629f98a1a0e6707a56f82614620f076f016458918e62729e344f2c40b72d9086518bfaada249cc2ebc067cf386a46a3ac7cd00703087774856ae42350f1f5db632c89e021d6c2010c15b0dcc05ed615463ca4e6b9e4825ac1ce3dc7df70bb414db6429ccc34f9a5c384164ca46d208cce9f88c6209821fd0788ab9f3c10b13eade61ff8d18e0f85f1836045e55c616593a547a685611d0b34729965055fe30d628a768b212adf551094ee47f8b69a7592ca952173832890a38863515659d0b9bcd456a6778ffd7c9e8ae00b78fb9f172ed71ab1658a5773c7534fd8f12322acdb6cd07d164e0c72c9563a0dd2918915b50ac9c53dcbaf7e6f5db23", 0xfb}, {&(0x7f0000004a00)="ee423858e040f8849c1e8ab2b8fe9b7290b192a4bfbcd37a", 0x18}, {&(0x7f0000004a40)="4ebf7a5597b9a1902167de9bac64d07c04ba643d02d864a39e4fab0515b16e9caac79fc1bf05c3d89e65eca750a3117ce567c758d5fca017c37112e96f4cdf9e61aeb59c48b5e87f596502876c585962cd6f2b8dd2588d0a05529fa5e5d06f57376af46b9dbf6d69d89f1b43f324301dcb981b2e4cf110c7b1ef8c6f3588f4e2884f9b90229e13f08781528253331e7c559958a32aaff262585bedbf8e2e21146bd287ef50ab8170119a090f83ef6721ed6de82c7f44668af5844b95d15d03555ac03182310b9bc5908cb7700e24410e7811895c75bb69", 0xd7}, {&(0x7f0000004b40)="ce26897dcd9c1257a82c627fd9402e5720210a0158cc1a695d762e50b8770b7bde8c39ee9c7187ce96f4e1bdabb7f1ac92b6c49a251e61738d2f42176f8ac7f448f102d19cc610a3df13b6f02c1c1db5a7ffb7a40148ed2812bc640301bc6167bae5f05e7a82eb7a3ff688d05e40b06512f959e9a2d7c57511c4a4b8b74dd7eaf365fa0a8da88f0e27591e58a91905b3f5e872148d75d42af099", 0x9a}, {&(0x7f0000004c00)="3b6949cfa2ba3c7ade5f01a83b8b0223d965b30cf98f45494fef545488f27601de3ef31f9ba8004f0259d39163583f8a568c241f3d59ea67637835185af71d9479fc74a38b2e5468f1dae02ef43f6923c789829d2c8e3176395ab915f8988b46f03ff9e3c940c16b6aa5c966888c4ce310e469ac7c1bda871c8092e312d3bcab8392458f53ab", 0x86}, {&(0x7f0000004cc0)="022fcffa81c91efde272f4de6402d74a713f5e4fe653ab1d620704382d0110591bf186c05a10ce3d92995828b82f66ff66edcdf8a51241d8b9709262f69e9add6b14202baba63c599da2603e810ee82c3aea15b2873a6203ff6c388db58cc1f19740caa87e4649d8b4b6869fc9ca879163f34b293183fb4869b1b80b99e0b0383c73ecaf9e99b025a156f02046cbb85f4627597d372c1ae74b789c7c456ee4aafea4f19d3edbf65b43417a8cf301621d71846163bce64990a92bca050ec8429ecd6da1b51965866d1818b797b05e71338af60f7be55031d4b716f1d2b48213", 0xdf}, {&(0x7f0000004dc0)="493896ac7bcd72927b36fd5f3ec104fe6c91377fae3c6cd2293baa3deff2ee088133be552dbc1e9b5413421236274cea5c4e3fe75314822e08c63b6758310aa3c2905b82193baa1a78125c6f10886aa54efb7bc38b85d761bfe2a686cc79570f1930777f526f2fd9929c644f6ab446c98a4f7c631d48d57b2e992d1d7f70fbd0dff66f32f154af9222fd28daaa2265246f0dc0eed011cdfda88970659197354207011a5d9f19fd10b070af9b299e614f3051b39f56128c5c3be07fc04ea4d9851ee24e966dca4c5d72f665e846a9200f699555f628cd4636a6759780a9f22b99de7fbc65ff4f449e133c199b3e16c9be06778da0a0", 0xf5}], 0x9, &(0x7f0000004f80)=[@rights={{0x18, 0x1, 0x1, [r10, r11]}}], 0x18, 0x48004}}], 0x3, 0x84) [ 1773.790414] loop5: detected capacity change from 0 to 96 [ 1773.818965] loop6: detected capacity change from 0 to 24 [ 1773.834085] loop3: detected capacity change from 0 to 96 19:41:30 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x8, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:41:30 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x6, 0x0) [ 1773.849997] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:41:30 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), 0x0) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:30 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x9, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1773.909659] loop5: detected capacity change from 0 to 96 19:41:30 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) r1 = shmget$private(0x0, 0x3000, 0x20, &(0x7f0000ffd000/0x3000)=nil) shmat(r1, &(0x7f0000ff8000/0x8000)=nil, 0x7000) 19:41:30 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 30) 19:41:30 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x4000000, 0x0) 19:41:30 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), 0x0) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:30 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x0) 19:41:30 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1774.042136] loop5: detected capacity change from 0 to 96 [ 1774.045273] loop6: detected capacity change from 0 to 24 [ 1774.081644] loop3: detected capacity change from 0 to 96 [ 1774.082169] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:41:41 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:41:41 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), 0x0) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:41 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 31) 19:41:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x7020000, 0x0) 19:41:42 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0xa, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:41:42 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x9, 0x0) 19:41:42 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x4000) 19:41:42 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x400, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) [ 1785.486683] loop5: detected capacity change from 0 to 96 [ 1785.488344] loop6: detected capacity change from 0 to 24 [ 1785.497046] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1785.502209] loop3: detected capacity change from 0 to 96 19:41:42 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0xb, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:41:42 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xa, 0x0) 19:41:42 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf000000, 0x0) 19:41:42 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:41:42 executing program 7: r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x40) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) symlinkat(&(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000080)='./file0\x00') 19:41:42 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x40, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) shmctl$SHM_LOCK(0x0, 0xb) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x1000) shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x2000) 19:41:42 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 32) [ 1785.629921] loop5: detected capacity change from 0 to 96 [ 1785.631735] loop3: detected capacity change from 0 to 96 [ 1785.632529] loop6: detected capacity change from 0 to 24 [ 1785.650661] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:41:53 executing program 7: ioctl$BTRFS_IOC_INO_PATHS(0xffffffffffffffff, 0xc0389423, &(0x7f0000000040)={0x5, 0x0, [0x9, 0xc, 0x7, 0x2]}) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:41:53 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0xc, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:41:53 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 33) 19:41:53 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x13000000, 0x0) 19:41:53 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xc, 0x0) 19:41:53 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000fff000/0x1000)=nil, 0x5000) shmctl$SHM_LOCK(0x0, 0xb) 19:41:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1797.154748] loop6: detected capacity change from 0 to 24 [ 1797.160482] loop5: detected capacity change from 0 to 96 [ 1797.160597] loop3: detected capacity change from 0 to 96 [ 1797.166915] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:41:53 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0xd, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:41:53 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xd, 0x0) 19:41:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x18000000, 0x0) 19:41:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:41:53 executing program 7: setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)={'U+', 0x8000000000005}, 0x16, 0x1) futex(&(0x7f0000000000), 0xd, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x1, 0x0) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) 19:41:53 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:41:53 executing program 4: r0 = shmget$private(0x0, 0x1000, 0x400, &(0x7f0000ffe000/0x1000)=nil) mlock2(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0) shmctl$SHM_LOCK(r0, 0xb) 19:41:53 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 34) [ 1797.286362] loop5: detected capacity change from 0 to 96 [ 1797.290565] loop6: detected capacity change from 0 to 24 [ 1797.291786] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:41:53 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x20000000, 0x0) 19:41:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:41:53 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xe, 0x0) [ 1797.377670] loop3: detected capacity change from 0 to 96 19:41:53 executing program 7: getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4) shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) [ 1797.396687] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:41:53 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0xe, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1797.401922] loop5: detected capacity change from 0 to 96 [ 1797.402302] loop6: detected capacity change from 0 to 24 19:41:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:41:53 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf, 0x0) [ 1797.481410] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:42:06 executing program 7: shmget(0x0, 0x2000, 0x54000402, &(0x7f0000ffb000/0x2000)=nil) 19:42:06 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:42:06 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r2 = clone3(&(0x7f00000001c0)={0x1a3363500, &(0x7f0000000180), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = getpgid(r2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r4, &(0x7f0000000200)='E', 0x140000) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1f, 0x2, 0x4, 0x3, 0x0, 0x7, 0x40000, 0x6, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffa, 0x5, @perf_config_ext={0x8, 0x100000000}, 0x10, 0x744e47c4, 0x1, 0x17, 0x8001, 0x6, 0xe79, 0x0, 0x401, 0x0, 0x100000000}, r3, 0xc, r4, 0x8) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x4, 0x0, 0x0, 0xffffffffffffffff, r3}) r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r5, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r5, 0xb) shmat(r5, &(0x7f0000ffb000/0x2000)=nil, 0x6000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000fff000/0x1000)=nil, 0x5000) shmctl$SHM_LOCK(0x0, 0xb) 19:42:06 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x3f000000, 0x0) 19:42:06 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 35) 19:42:06 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0xf, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:42:06 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x10, 0x0) [ 1810.192109] loop6: detected capacity change from 0 to 24 [ 1810.194706] loop3: detected capacity change from 0 to 96 [ 1810.213591] loop5: detected capacity change from 0 to 96 19:42:06 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:42:06 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0xca, 0x20, 0x81, 0x4, 0x0, 0x6, 0x0, 0x6, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1ff, 0x0, @perf_bp={&(0x7f0000000000), 0xc}, 0x400, 0x2, 0x800, 0x6, 0x5, 0x185, 0xf000, 0x0, 0x5, 0x0, 0x7}, 0x0, 0xd, 0xffffffffffffffff, 0x3) 19:42:06 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) [ 1810.248353] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:42:06 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x10, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:42:21 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x11, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:42:21 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:42:21 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x11, 0x0) 19:42:21 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil) 19:42:21 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x40000100, 0x0) 19:42:21 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x100, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:42:21 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 36) [ 1824.517596] loop5: detected capacity change from 0 to 96 19:42:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1824.554942] loop6: detected capacity change from 0 to 24 [ 1824.574240] loop3: detected capacity change from 0 to 96 [ 1824.581264] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:42:21 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x12, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:42:21 executing program 7: r0 = shmget(0x1, 0x1000, 0x4, &(0x7f0000ffb000/0x1000)=nil) shmctl$IPC_RMID(r0, 0x0) 19:42:21 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:42:21 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x12, 0x0) 19:42:21 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xcb000000, 0x0) 19:42:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:42:21 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 37) 19:42:21 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000300)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(r2, 0xb) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x0) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r1, 0x0) shmctl$SHM_LOCK(0x0, 0xb) [ 1824.772983] loop6: detected capacity change from 0 to 24 [ 1824.784816] loop5: detected capacity change from 0 to 96 [ 1824.793514] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:42:21 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x13, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1824.825854] loop3: detected capacity change from 0 to 96 19:42:21 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:42:21 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000080)={{0x2, 0x0, 0x0, 0xee01}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) shmctl$SHM_LOCK(0x0, 0xb) shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x0) 19:42:21 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xe5ffffff, 0x0) 19:42:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:42:21 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x1000) [ 1824.989563] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1824.994809] loop6: detected capacity change from 0 to 24 19:42:33 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) 19:42:33 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x13, 0x0) 19:42:33 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x1804, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:42:33 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:42:33 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 38) 19:42:33 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x14, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:42:33 executing program 7: r0 = shmget(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x6000) shmget$private(0x0, 0x1000, 0x2, &(0x7f0000ffc000/0x1000)=nil) 19:42:33 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf6ffffff, 0x0) [ 1837.044329] loop3: detected capacity change from 0 to 96 [ 1837.067454] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1837.076233] loop6: detected capacity change from 0 to 24 [ 1837.078325] loop5: detected capacity change from 0 to 96 19:42:33 executing program 7: llistxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/19, 0x13) r0 = shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x1000) 19:42:45 executing program 7: shmget(0x1, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) shmget(0x3, 0x4000, 0x8, &(0x7f0000ffb000/0x4000)=nil) 19:42:45 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x15, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:42:45 executing program 4: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) r1 = shmget(0x1, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x6000) shmctl$SHM_LOCK(0x0, 0xb) [ 1848.813207] loop6: detected capacity change from 0 to 24 19:42:45 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x18, 0x0) 19:42:45 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 39) 19:42:45 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xfffff000, 0x0) 19:42:45 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:42:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1848.836864] loop5: detected capacity change from 0 to 96 19:42:45 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) [ 1848.868362] loop3: detected capacity change from 0 to 96 19:42:45 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f", 0x2c, 0x1800}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xffffffe5, 0x0) [ 1848.886366] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 19:42:45 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x16, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) 19:42:45 executing program 4: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ftruncate(r2, 0x5) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1) sendmsg$NL80211_CMD_SET_MCAST_RATE(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x20, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x5}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x21c}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5a}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x400c010) r3 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r3, 0xb) shmctl$SHM_LOCK(0x0, 0xb) 19:42:45 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (fail_nth: 40) [ 1848.944874] loop6: detected capacity change from 0 to 24 19:42:45 executing program 7: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat(r1, &(0x7f0000000100)='./file1\x00', 0x42, 0x345) ioctl$SCSI_IOCTL_DOORUNLOCK(r1, 0x5381) 19:42:45 executing program 2: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) r1 = epoll_create(0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/vmstat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:42:45 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736698fa1b00080801000240004000f801", 0x17}, {&(0x7f0000010100)="f8ffff00f0ff", 0x6, 0x800}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100010e770325132510000e770325103", 0x5b, 0x1800}, {&(0x7f0000010500)="2e20202020202020202020100010e770325132510000e77032510300000000002e2e20202020202020202010", 0x2c, 0x6000}], 0x0, &(0x7f0000010d00)) openat(r0, &(0x7f0000000040)='./file0\x00', 0xf0, 0x0) 19:42:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c00f0ff", @ANYRES16=r1, @ANYBLOB="050000000000ffdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB='\n\x004'], 0x3c}}, 0x0) [ 1848.982270] loop3: detected capacity change from 0 to 96 19:42:45 executing program 0: r0 = syz_io_uring_setup(0x650f, &(0x7f00000001c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x17, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/111, 0x6f}, {&(0x7f0000000340)=""/108, 0x6c}], 0x2) [ 1849.017822] ------------[ cut here ]------------ [ 1849.018570] WARNING: CPU: 0 PID: 10294 at lib/iov_iter.c:465 copy_page_to_iter+0x18f/0x1e0 [ 1849.019701] Modules linked in: [ 1849.020194] CPU: 0 PID: 10294 Comm: syz-executor.4 Not tainted 6.3.0-rc3-next-20230327 #1 [ 1849.021288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1849.022403] RIP: 0010:copy_page_to_iter+0x18f/0x1e0 [ 1849.023107] Code: 48 89 ee e8 b3 8a 36 ff 48 81 fd 00 10 00 00 0f 85 5e ff ff ff e8 d1 8e 36 ff 49 83 c5 40 31 ed e9 4e ff ff ff e8 c1 8e 36 ff <0f> 0b 45 31 f6 e8 b7 8e 36 ff 4c 89 f0 48 83 c4 10 5b 5d 41 5c 41 [ 1849.025411] RSP: 0018:ffff888043b87930 EFLAGS: 00010212 [ 1849.026129] RAX: 0000000000000165 RBX: 0000000000000080 RCX: ffffc900045e6000 [ 1849.027071] RDX: 0000000000040000 RSI: ffffffff8214fa1f RDI: 0000000000000001 [ 1849.027981] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1849.028937] R10: 0000000000000080 R11: 0000000000000001 R12: 0000000000000005 [ 1849.029887] R13: ffffea0001124880 R14: 0000000000000000 R15: ffff888043b87d58 [ 1849.030859] FS: 00007f4ee58e4700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 1849.031630] loop5: detected capacity change from 0 to 96 [ 1849.031925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1849.033113] CR2: 00007f1a7101e3a4 CR3: 000000004302e000 CR4: 0000000000350ef0 [ 1849.037173] Call Trace: [ 1849.037531] [ 1849.037845] ? folio_mark_accessed+0x67/0x5e0 [ 1849.038519] filemap_read+0x60e/0xb90 [ 1849.039095] ? __pfx_filemap_read+0x10/0x10 [ 1849.039682] ? __switch_to+0x5c6/0xeb0 [ 1849.040251] ? __pfx___lock_acquire+0x10/0x10 [ 1849.040884] ? __pfx_mark_lock.part.0+0x10/0x10 [ 1849.041573] ? __schedule+0x995/0x2a00 [ 1849.042171] generic_file_read_iter+0x35c/0x550 [ 1849.042847] do_iter_readv_writev+0x2f0/0x3c0 [ 1849.043506] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1849.044224] ? security_file_permission+0xb5/0xe0 [ 1849.044898] do_iter_read+0x2fb/0x750 [ 1849.045475] ? import_iovec+0x87/0xb0 [ 1849.046037] vfs_readv+0xe5/0x160 [ 1849.046543] ? __pfx_vfs_readv+0x10/0x10 [ 1849.047135] ? __mutex_lock+0x12a1/0x1a30 [ 1849.047731] ? __pfx_lock_release+0x10/0x10 [ 1849.048360] ? kmem_cache_free+0xff/0x4a0 [ 1849.048948] ? __fdget_pos+0xeb/0x110 [ 1849.049504] ? __pfx___mutex_lock+0x10/0x10 [ 1849.050130] ? do_futex+0x13a/0x380 [ 1849.050689] ? __fget_files+0x270/0x480 [ 1849.051298] do_readv+0x133/0x300 [ 1849.051794] ? __pfx_do_readv+0x10/0x10 [ 1849.052384] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1849.053144] do_syscall_64+0x3f/0x90 [ 1849.053668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1849.054396] RIP: 0033:0x7f4ee836eb19 [ 1849.054909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1849.057263] RSP: 002b:00007f4ee58e4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 1849.058302] RAX: ffffffffffffffda RBX: 00007f4ee8481f60 RCX: 00007f4ee836eb19 [ 1849.059266] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000005 [ 1849.060230] RBP: 00007f4ee83c8f6d R08: 0000000000000000 R09: 0000000000000000 [ 1849.061196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1849.062160] R13: 00007ffc8691138f R14: 00007f4ee58e4300 R15: 0000000000022000 [ 1849.063175] [ 1849.063503] irq event stamp: 1741 [ 1849.063968] hardirqs last enabled at (1751): [] __up_console_sem+0x78/0x80 [ 1849.065158] hardirqs last disabled at (1764): [] __up_console_sem+0x5d/0x80 [ 1849.066332] softirqs last enabled at (1422): [] __irq_exit_rcu+0xcc/0x110 [ 1849.067503] softirqs last disabled at (1417): [] __irq_exit_rcu+0xcc/0x110 [ 1849.068668] ---[ end trace 0000000000000000 ]--- VM DIAGNOSIS: 19:42:45 Registers: info registers vcpu 0 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff824f8615 RDI=ffffffff87f0bdc0 RBP=ffffffff87f0bd80 RSP=ffff888043b87328 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000035 R11=0000000000000001 R12=0000000000000035 R13=ffffffff87f0bd80 R14=0000000000000010 R15=ffffffff824f8600 RIP=ffffffff824f866d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f4ee58e4700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f1a7101e3a4 CR3=000000004302e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f4ee84557c000007f4ee84557c8 XMM02=00007f4ee84557e000007f4ee84557c0 XMM03=00007f4ee84557c800007f4ee84557c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000000 RDX=0000000000000000 RSI=0000000000000000 RDI=ffff88800f19fab8 RBP=ffff8880193c7000 RSP=ffff88800f19fa20 R8 =0000000000000005 R9 =ffff88800f19fa70 R10=0000000000000000 R11=0000000000000001 R12=00000000ffffffa1 R13=ffff88801bf47000 R14=ffff8880444cfdb8 R15=ffff88800f19fa70 RIP=ffffffff8447148f RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa758862700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f463865e7c0 CR3=000000001bb38000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00007fa75b3d37e000007fa75b3d37c0 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=20202020202030454c4946ffffffff00 XMM06=00ffffffffffffffffffff0000fc000f XMM07=00300065006c00690066410000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000